diff --git a/dist/add-ons/webcachemgr/VERSION b/dist/add-ons/webcachemgr/VERSION index a86adafdd..ba4e503bb 100644 --- a/dist/add-ons/webcachemgr/VERSION +++ b/dist/add-ons/webcachemgr/VERSION @@ -1 +1 @@ -1.13.13.1 \ No newline at end of file +1.14.0.3 \ No newline at end of file diff --git a/dist/add-ons/webcachemgr/bootstrap_cli.php b/dist/add-ons/webcachemgr/bootstrap_cli.php index ae0684e2b..719f21574 100644 --- a/dist/add-ons/webcachemgr/bootstrap_cli.php +++ b/dist/add-ons/webcachemgr/bootstrap_cli.php @@ -2,14 +2,15 @@ /** ********************************************* * LiteSpeed Web Server Cache Manager - * @Author: LiteSpeed Technologies, Inc. (https://www.litespeedtech.com) - * @Copyright: (c) 2018 + * + * @author Michael Alegre + * @copyright (c) 2018-2022 LiteSpeed Technologies, Inc. * ******************************************* */ -use \Lsc\Wp\Context\Context; -use \Lsc\Wp\Context\RootCLIContextOption; -use \Lsc\Wp\CliController; +use Lsc\Wp\Context\Context; +use Lsc\Wp\Context\RootCLIContextOption; +use Lsc\Wp\CliController; require_once __DIR__ . '/autoloader.php'; diff --git a/dist/add-ons/webcachemgr/src/CliController.php b/dist/add-ons/webcachemgr/src/CliController.php index 75b558f2a..4d9ce4b12 100644 --- a/dist/add-ons/webcachemgr/src/CliController.php +++ b/dist/add-ons/webcachemgr/src/CliController.php @@ -3,16 +3,16 @@ /** ****************************************** * LiteSpeed Web Server Cache Manager * - * @author LiteSpeed Technologies, Inc. (https://www.litespeedtech.com) - * @copyright (c) 2018-2022 + * @author Michael Alegre + * @copyright (c) 2018-2022 LiteSpeed Technologies, Inc. * ******************************************* */ namespace Lsc\Wp; -use \Exception; -use \Lsc\Wp\Context\Context; -use \Lsc\Wp\Panel\ControlPanel; -use \Lsc\Wp\Panel\CPanel; +use Exception; +use Lsc\Wp\Context\Context; +use Lsc\Wp\Panel\ControlPanel; +use Lsc\Wp\Panel\CPanel; class CliController { @@ -74,7 +74,7 @@ class CliController private $vhCacheRootParam = ''; /** - * @var boolean + * @var bool */ private $displayCacheRoots = false; @@ -96,13 +96,14 @@ class CliController /** * Holds any additional command input for use after parseCommands(). * - * @var null|mixed[] + * @var null|array */ private $input; /** * - * @throws LSCMException + * @throws LSCMException Thrown when script argument count is less than + * expected. */ public function __construct() { @@ -124,62 +125,70 @@ public function __construct() * Checks if current $wpInstallStorage object is capable of having the * given non-scan action performed. * - * @param string $action + * @param string $action * @param WPInstallStorage $wpInstallStorage + * * @return void - * @throws LSCMException + * + * @throws LSCMException Thrown when scan data cannot be read. + * @throws LSCMException Thrown when expected scan data format has changed. + * @throws LSCMException Thrown when attempting to execute a "mass" + * operation without any discovered installations. */ - private function checkDataFile( $action, - WPInstallStorage $wpInstallStorage) { + private function checkDataFile( + $action, + WPInstallStorage $wpInstallStorage ) + { + if ( $action == WPInstallStorage::CMD_SCAN2 ) { - if ( $action == WPInstallStorage::CMD_SCAN ) { /** * Always allowed. */ return; } - $msg = ''; - if ( ($err = $wpInstallStorage->getError()) ) { switch ($err) { + case WPInstallStorage::ERR_NOT_EXIST: case WPInstallStorage::ERR_CORRUPTED: case WPInstallStorage::ERR_VERSION_HIGH: - $msg = 'Scan data could not be read! Please scan again ' - . '(without the \'-n\' flag) before attempting any ' - . "cache operations.\n"; - break; + throw new LSCMException( + 'Scan data could not be read! Please scan again ' + . '(without the \'-n\' flag) before attempting any ' + . "cache operations.\n" + ); + case WPInstallStorage::ERR_VERSION_LOW: - $msg = 'Scan data file format has been changed for this ' - . 'version. Please scan again (without the \'-n\' ' - . "flag) before attempting any cache operations.\n"; - break; + throw new LSCMException( + 'Scan data file format has been changed for this ' + . 'version. Please scan again (without the \'-n\' ' + . "flag) before attempting any cache operations.\n" + ); + //no default } } elseif ( strpos($action,'mass_') === 0 && $wpInstallStorage->getCount() == 0 ) { - $msg = 'No WordPress installations discovered in the previous ' - . 'scan. If you have any newly installed WordPress ' - . 'installations, please scan again or add them with command ' - . "'addinstalls'.\n"; - } - - if ( $msg != '' ) { - throw new LSCMException($msg); + throw new LSCMException( + 'No WordPress installations discovered in the previous scan. ' + . 'If you have any newly installed WordPress ' + . 'installations, please scan again or add them with ' + . "command 'addinstalls'.\n" + ); } } /** * - * @param WPInstall $wpInstall + * @param WPInstall $wpInstall */ private function printStatusMsg( WPInstall $wpInstall ) { - $msg = "{$this->currWpPath} - Status: "; + $msg = "$this->currWpPath - Status: "; $status = $wpInstall->getStatus(); @@ -221,16 +230,29 @@ private function printStatusMsg( WPInstall $wpInstall ) $msg .= 'Could not find a valid wp-config.php file.'; } - echo "{$msg}\n\n"; + echo "$msg\n\n"; } /** * - * @param string[] $args + * @param string[] $args + * * @return void - * @throws LSCMException Thrown directly and indirectly. + * + * @throws LSCMException Thrown when -svr parameter is passed without a + * value. + * @throws LSCMException Thrown when -svr parameter value points to a + * non-empty directory. + * @throws LSCMException Thrown when -vh parameter is passed without a + * value. + * @throws LSCMException Thrown when -vh parameter value contains invalid + * character '$'. + * @throws LSCMException Thrown when -vh parameter value points to a + * non-empty directory. + * @throws LSCMException Thrown indirectly by + * ControlPanel::getClassInstance() call. */ - private function handleSetCacheRootInput( &$args ) + private function handleSetCacheRootInput( array &$args ) { if ( empty($args) ) { $this->cacheRootCmds[] = 'listCacheRoots'; @@ -251,7 +273,7 @@ private function handleSetCacheRootInput( &$args ) $currSvrCacheRoot = $controlPanel->getServerCacheRoot(); - if ( $this->svrCacheRootParam != $currSvrCacheRoot) { + if ( $this->svrCacheRootParam != $currSvrCacheRoot ) { if ( !Util::is_dir_empty($this->svrCacheRootParam) ) { throw new LSCMException( @@ -290,7 +312,7 @@ private function handleSetCacheRootInput( &$args ) if ( $this->vhCacheRootParam[0] == '/' ) { $updatedVhCacheRoot = - rtrim($this->vhCacheRootParam, '/') . '/$vh_user'; + rtrim($this->vhCacheRootParam, '/') . '/$vh_user'; if ( $updatedVhCacheRoot != $currVHCacheRoot && ! Util::is_dir_empty($this->vhCacheRootParam) ) { @@ -318,11 +340,13 @@ private function handleSetCacheRootInput( &$args ) /** * - * @param string[] $args + * @param string[] $args + * * @return void - * @throws LSCMException + * + * @throws LSCMException Thrown when passed version set value is invalid. */ - private function handleSetVersionInput( &$args ) + private function handleSetVersionInput( array &$args ) { if ( ($key = array_search('--list', $args)) !== false ) { unset($args[$key]); @@ -343,8 +367,8 @@ private function handleSetVersionInput( &$args ) $v = array_shift($args); - if ( preg_match('/[1-9]\.[0-9](?:\.[0-9])*(?:\.[0-9])*/', $v) !== 1 ) { - throw new LSCMException("Invalid version number ({$v})."); + if ( preg_match('/[1-9]\.\d(?:\.\d)*(?:\.\d)*/', $v) !== 1 ) { + throw new LSCMException("Invalid version number ($v)."); } $this->versionCmd = $v; @@ -352,16 +376,16 @@ private function handleSetVersionInput( &$args ) /** * - * @param string[] $args + * @param string[] $args */ - private function handleScanInput( &$args ) + private function handleScanInput( array &$args ) { if ( ($key = array_search('-n', $args)) !== false ) { unset($args[$key]); - $this->commands[] = WPInstallStorage::CMD_DISCOVER_NEW; + $this->commands[] = WPInstallStorage::CMD_DISCOVER_NEW2; } else { - $this->commands[] = WPInstallStorage::CMD_SCAN; + $this->commands[] = WPInstallStorage::CMD_SCAN2; } if ( ($key = array_search('-e', $args)) !== false ) { @@ -372,10 +396,26 @@ private function handleScanInput( &$args ) /** * - * @param string[] $args - * @return boolean + * @param string[] $args */ - private function isMassOperation( &$args ) + private function handleScanNewInput( array &$args ) + { + if ( ($key = array_search('-en', $args)) !== false ) { + unset($args[$key]); + $this->commands[] = WPInstallStorage::CMD_DISCOVER_NEW_AND_ENABLE; + } + else { + $this->commands[] = WPInstallStorage::CMD_DISCOVER_NEW2; + } + } + + /** + * + * @param string[] $args + * + * @return bool + */ + private function isMassOperation( array &$args ) { if ( ($key = array_search('-m', $args)) !== false ) { unset($args[$key]); @@ -387,11 +427,14 @@ private function isMassOperation( &$args ) /** * - * @param string $cmd - * @param string[] $args - * @throws LSCMException + * @param string $cmd + * @param string[] $args + * + * @throws LSCMException Thrown when expected WP path value is not + * provided. + * @throws LSCMException Thrown when provided an invalid WP path value. */ - private function handleSingleOperationInput( $cmd, &$args ) + private function handleSingleOperationInput( $cmd, array &$args ) { $path = array_shift($args); @@ -402,7 +445,7 @@ private function handleSingleOperationInput( $cmd, &$args ) $wpInstall = new WPInstall($path); if ( !$wpInstall->hasValidPath() ) { - throw new LSCMException("Invalid WP Path: {$path}."); + throw new LSCMException("Invalid WP Path: $path."); } $this->commands[] = $cmd; @@ -411,11 +454,35 @@ private function handleSingleOperationInput( $cmd, &$args ) /** * - * @param string $cmdType - * @param string[] $args - * @throws LSCMException + * @param string $cmdType + * @param string[] $args + * + * @throws LSCMException Thrown when neither -m nor -wppath parameters are + * provided in notify command. + * @throws LSCMException Thrown when -wppath parameter is passed without a + * value in notify command. + * @throws LSCMException Thrown when provided -wppath parameter value is + * invalid in notify command. + * @throws LSCMException Thrown when -msgfile parameter is passed without a + * value in notify command. + * @throws LSCMException Thrown when provided -msgfile parameter value + * points to a non-existent file in notify command. + * @throws LSCMException Thrown when unable to get file contents of the + * file pointed to by provided -msgfile value in notify command. + * @throws LSCMException Thrown when neither -msgfile nor -msg parameters + * are provided in notify command. + * @throws LSCMException Thrown when parameter -msg is passed without a + * value in notify command. + * @throws LSCMException Thrown when expected -plugin parameter is not + * provided in notify command. + * @throws LSCMException Thrown when provided -plugin parameter value does + * not a known plugin slug in notify command. + * @throws LSCMException Thrown when neither -m flag nor WP path value are + * provided in remove command. + * @throws LSCMException Thrown when provided WP path value is invalid in + * remove command. */ - private function handleDashNotifyInput( $cmdType, &$args ) + private function handleDashNotifyInput( $cmdType, array &$args ) { if ( $cmdType == 'notify' ) { @@ -443,7 +510,7 @@ private function handleDashNotifyInput( $cmdType, &$args ) $wpInstall = new WPInstall($path); if ( !$wpInstall->hasValidPath() ) { - throw new LSCMException("Invalid WP Path: {$path}."); + throw new LSCMException("Invalid WP Path: $path."); } $this->commands[] = UserCommand::CMD_DASH_NOTIFY; @@ -452,8 +519,6 @@ private function handleDashNotifyInput( $cmdType, &$args ) unset($args[$key], $args[$key + 1]); } - $dashInput = array(); - if ( ($key = array_search('-msgfile', $args)) !== false ) { if ( empty($args[$key + 1]) ) { @@ -494,7 +559,7 @@ private function handleDashNotifyInput( $cmdType, &$args ) $message = $args[$key + 1]; } - $dashInput['msg'] = $message; + $dashInput = array( 'msg' => $message ); unset($args[$key], $args[$key + 1]); @@ -508,15 +573,15 @@ private function handleDashNotifyInput( $cmdType, &$args ) $slug = $args[$key + 1]; - $url = - "https://api.wordpress.org/plugins/info/1.0/{$slug}.json"; - $pluginInfoJSON = Util::get_url_contents($url); + $pluginInfoJSON = Util::get_url_contents( + "https://api.wordpress.org/plugins/info/1.0/$slug.json" + ); $pluginInfo = json_decode($pluginInfoJSON, true); if ( empty($pluginInfo['name']) ) { throw new LSCMException( - 'Could not find a plugin mathcing the provided plugin ' + 'Could not find a plugin matching the provided plugin ' . 'slug.' ); } @@ -539,14 +604,14 @@ private function handleDashNotifyInput( $cmdType, &$args ) if ( $path == null ) { throw new LSCMException( - 'Invalid Command, missing WP path.' + 'Invalid Command, missing \'-m\' flag or WP path value.' ); } $wpInstall = new WPInstall($path); if ( !$wpInstall->hasValidPath() ) { - throw new LSCMException("Invalid WP Path: {$path}."); + throw new LSCMException("Invalid WP Path: $path."); } $this->commands[] = UserCommand::CMD_DASH_DISABLE; @@ -557,10 +622,14 @@ private function handleDashNotifyInput( $cmdType, &$args ) /** * - * @param string[] $args - * @throws LSCMException + * @param string[] $args + * + * @throws LSCMException Thrown when command 'cpanelplugin' is used in a + * non-cPanel environment. + * @throws LSCMException Thrown indirectly by + * ControlPanel::getClassInstance() call. */ - private function handleCpanelPluginInput( &$args ) + private function handleCpanelPluginInput( array &$args ) { $controlPanel = ControlPanel::getClassInstance(); @@ -571,42 +640,67 @@ private function handleCpanelPluginInput( &$args ) ); } - if ( $args[0] == '--install' ) { - $this->specialCmd = self::SPECIAL_CMD_CPANEL_PLUGIN_INSTALL; - unset($args[0]); - } - elseif ( $args[0] == '--uninstall' ) { - $this->specialCmd = self::SPECIAL_CMD_CPANEL_PLUGIN_UNINSTALL; - unset($args[0]); - } - elseif ( $args[0] == '-autoinstall' ) { + switch ($args[0]) { - if ( !isset($args[1]) ) { - $this->specialCmd = self::SPECIAL_CMD_CPANEL_PLUGIN_AUTOINSTALL_STATUS; - } - elseif ( "{$args[1]}" === '1' ) { - $this->specialCmd = self::SPECIAL_CMD_CPANEL_PLUGIN_AUTOINSTALL_ON; - unset($args[1]); - } - elseif ( "{$args[1]}" === '0' ) { - $this->specialCmd = self::SPECIAL_CMD_CPANEL_PLUGIN_AUTOINSTALL_OFF; - unset($args[1]); - } + case '--install': + $this->specialCmd = self::SPECIAL_CMD_CPANEL_PLUGIN_INSTALL; + unset($args[0]); + break; - unset($args[0]); - } - elseif ( $args[0] == '--fixconf') { - $this->specialCmd = self::SPECIAL_CMD_CPANEL_PLUGIN_FIX_CONF; - unset($args[0]); + case '--uninstall': + $this->specialCmd = self::SPECIAL_CMD_CPANEL_PLUGIN_UNINSTALL; + unset($args[0]); + break; + + case '-autoinstall': + + if ( !isset($args[1]) ) { + $this->specialCmd = + self::SPECIAL_CMD_CPANEL_PLUGIN_AUTOINSTALL_STATUS; + } + elseif ( "$args[1]" === '1' ) { + $this->specialCmd = + self::SPECIAL_CMD_CPANEL_PLUGIN_AUTOINSTALL_ON; + unset($args[1]); + } + elseif ( "$args[1]" === '0' ) { + $this->specialCmd = + self::SPECIAL_CMD_CPANEL_PLUGIN_AUTOINSTALL_OFF; + unset($args[1]); + } + + unset($args[0]); + break; + + case '--fixconf': + $this->specialCmd = self::SPECIAL_CMD_CPANEL_PLUGIN_FIX_CONF; + unset($args[0]); + break; + + //no default } } /** * - * @param string[] $args - * @throws LSCMException + * @param string[] $args + * + * @throws LSCMException Thrown when -wpinstall parameter is passed without + * a value. + * @throws LSCMException Thrown when expected 'docroot' value is not + * provided when using parameter -wpinstall. + * @throws LSCMException Thrown when expected 'server name' value is not + * provided when using parameter -wpinstall. + * @throws LSCMException Thrown when expected 'site url' value is not + * provided when using parameter -wpinstall. + * @throws LSCMException Thrown when -wpinstallsfile parameter is passed + * without a value. + * @throws LSCMException Thrown when provided -wpinstallsfile parameter + * value points to a non-existent file. + * @throws LSCMException Thrown when unable to get file contents of the + * file pointed to by provided -wpinstallsfile parameter value. */ - private function handleAddInstallsInput( &$args ) + private function handleAddInstallsInput( array &$args ) { switch ($args[0]) { @@ -618,7 +712,7 @@ private function handleAddInstallsInput( &$args ) ); } - $wpInstallsInfo = "{$args[1]}"; + $wpInstallsInfo = "$args[1]"; if ( empty($args[2]) ) { throw new LSCMException( @@ -626,7 +720,7 @@ private function handleAddInstallsInput( &$args ) ); } - $wpInstallsInfo .= " {$args[2]}"; + $wpInstallsInfo .= " $args[2]"; if ( empty($args[3]) ) { throw new LSCMException( @@ -634,7 +728,7 @@ private function handleAddInstallsInput( &$args ) ); } - $wpInstallsInfo .= " {$args[3]}"; + $wpInstallsInfo .= " $args[3]"; if ( empty($args[4]) ) { throw new LSCMException( @@ -642,7 +736,7 @@ private function handleAddInstallsInput( &$args ) ); } - $wpInstallsInfo .= " {$args[4]}"; + $wpInstallsInfo .= " $args[4]"; $this->commands[] = WPInstallStorage::CMD_ADD_CUST_WPINSTALLS; @@ -676,23 +770,23 @@ private function handleAddInstallsInput( &$args ) ); } - $wpInstallsInfo = explode("\n", trim($fileContent)); - $this->commands[] = WPInstallStorage::CMD_ADD_CUST_WPINSTALLS; - $input = array( 'addInstallsInfo' => $wpInstallsInfo ); - $this->input = $input; + $this->input = array( + 'addInstallsInfo' => explode("\n", trim($fileContent)) + ); unset($args[0], $args[1]); break; - // no default case + // no default } } /** * - * @throws LSCMException Thrown indirectly. + * @throws LSCMException Thrown indirectly by + * ControlPanel::getClassInstance() call. */ private function displayCacheRoots() { @@ -711,8 +805,8 @@ private function displayCacheRoots() echo <<handleSetCacheRootInput() call. + * @throws LSCMException Thrown indirectly by + * $this->handleSetVersionInput() call. + * @throws LSCMException Thrown indirectly by + * $this->handleSingleOperationInput() call. + * @throws LSCMException Thrown indirectly by + * $this->handleDashNotifyInput() call. + * @throws LSCMException Thrown indirectly by + * $this->handleDashNotifyInput() call. + * @throws LSCMException Thrown indirectly by + * $this->handleCpanelPluginInput() call. + * @throws LSCMException Thrown indirectly by + * $this->handleAddInstallsInput() call. */ - private function parseCommands( $args ) + private function parseCommands( array $args ) { $panelClassName = array_shift($args); @@ -755,6 +870,9 @@ private function parseCommands( $args ) $this->handleScanInput($args); break; + case 'scannew': + $this->handleScanNewInput($args); + break; case 'enable': case 'disable': @@ -763,7 +881,7 @@ private function parseCommands( $args ) case 'unflag': if ( $this->isMassOperation($args) ) { - $this->commands[] = "mass_{$cmd}"; + $this->commands[] = "mass_$cmd"; break; } @@ -801,8 +919,14 @@ private function parseCommands( $args ) /** * - * @param string $action - * @throws LSCMException Thrown indirectly. + * @param string $action + * + * @throws LSCMException Thrown indirectly by + * ControlPanel::getClassInstance() call. + * @throws LSCMException Thrown indirectly by + * $controlPanel->setServerCacheRoot() call. + * @throws LSCMException Thrown indirectly by + * $controlPanel->setVHCacheRoot() call. */ private function doCacheRootCommand( $action ) { @@ -811,6 +935,7 @@ private function doCacheRootCommand( $action ) $controlPanel = ControlPanel::getClassInstance(); switch ( $action ) { + case 'setSvrCacheRoot': $controlPanel->setServerCacheRoot($this->svrCacheRootParam); $restartRequired = true; @@ -835,8 +960,7 @@ private function doCacheRootCommand( $action ) Util::restartLsws(); } - $vhCacheRoot = $controlPanel->getVHCacheRoot(); - Util::ensureVHCacheRootInCage($vhCacheRoot); + Util::ensureVHCacheRootInCage($controlPanel->getVHCacheRoot()); } /** @@ -886,7 +1010,7 @@ private function doSpecialCommand() case self::SPECIAL_CMD_CPANEL_PLUGIN_AUTOINSTALL_STATUS: $state = (CPanel::isCpanelPluginAutoInstallOn()) ? 'On' : 'Off'; - echo "Auto install is currently {$state} for the LiteSpeed " + echo "Auto install is currently $state for the LiteSpeed " . "cPanel plugin.\n"; echo 'Use command \'cpanelplugin -autoinstall {0 | 1}\' to ' . "turn auto install off/on respectively.\n\n"; @@ -923,7 +1047,6 @@ private function doSpecialCommand() $controlPanel->updateCoreCpanelPluginConfSettings(); echo "Attempted to fix user-end cPanel Plugin conf.\n\n"; - break; //no default @@ -932,7 +1055,18 @@ private function doSpecialCommand() /** * - * @throws LSCMException Thrown indirectly. + * @throws LSCMException Thrown indirectly by PluginVersion::getInstance() + * call. + * @throws LSCMException Thrown indirectly by + * $pluginVerInstance->getAllowedVersions() call. + * @throws LSCMException Thrown indirectly by + * $pluginVerInstance->getLatestVersion() call. + * @throws LSCMException Thrown indirectly by + * $pluginVerInstance->setActiveVersion() call. + * @throws LSCMException Thrown indirectly by + * $pluginVerInstance->getCurrentVersion() call. + * @throws LSCMException Thrown indirectly by + * $pluginVerInstance->setActiveVersion() call. */ private function doVersionCommand() { @@ -958,7 +1092,7 @@ private function doVersionCommand() } if ( $latest == $currVer ) { - echo "Current version, {$latest}, is already the latest " + echo "Current version, $latest, is already the latest " . "version.\n"; } else { @@ -970,7 +1104,7 @@ private function doVersionCommand() case 'active': $currVer = $pluginVerInstance->getCurrentVersion(); - echo "Current active version is {$currVer}.\n"; + echo "Current active version is $currVer.\n"; break; default: @@ -980,12 +1114,33 @@ private function doVersionCommand() /** * - * @throws LSCMException Thrown indirectly. + * @throws LSCMException Thrown indirectly by Context::getLSCMDataFiles() + * call. + * @throws LSCMException Thrown indirectly by "new WPInstallStorage()" + * call. + * @throws LSCMException Thrown indirectly by $this->checkDataFile() call. + * @throws LSCMException Thrown indirectly by PluginVersion::getInstance() + * call. + * @throws LSCMException Thrown indirectly by + * $pluginVerInstance->getShortVersions() call. + * @throws LSCMException Thrown indirectly by + * $pluginVerInstance->getCurrentVersion() call. + * @throws LSCMException Thrown indirectly by + * DashNotifier::prepLocalDashPluginFiles() call. + * @throws LSCMException Thrown indirectly by + * ControlPanel::getClassInstance() call. + * @throws LSCMException Thrown indirectly by + * ControlPanel::getClassInstance()->getDocRoots() call. + * @throws LSCMException Thrown indirectly by $wpInstallStorage->scan2() + * call. + * @throws LSCMException Thrown indirectly by $wpInstallStorage->doAction() + * call. */ private function doWPInstallStorageAction() { $extraArgs = array(); $list = null; + $originalAction = null; $lscmDataFiles = Context::getLSCMDataFiles(); @@ -994,16 +1149,16 @@ private function doWPInstallStorageAction() $lscmDataFiles['custDataFile'] ); - if ($this->currWpPath) { + if ( $this->currWpPath ) { $list = array( $this->currWpPath ); } foreach ( $this->commands as $action ) { - $this->checkDataFile($action , $wpInstallStorage); + $this->checkDataFile($action, $wpInstallStorage); - echo "\nPerforming {$action} operation. Please be patient...\n\n"; + echo "\nPerforming $action operation. Please be patient...\n\n"; - switch ( $action ) { + switch ($action) { case UserCommand::CMD_UPGRADE: case UserCommand::CMD_MASS_UPGRADE: @@ -1042,24 +1197,81 @@ private function doWPInstallStorageAction() $extraArgs[] = $this->input['addInstallsInfo']; break; + case WPInstallStorage::CMD_SCAN2: + case WPInstallStorage::CMD_DISCOVER_NEW2: + case WPInstallStorage::CMD_DISCOVER_NEW_AND_ENABLE: + $wpPaths = array(); + $docroots = ControlPanel::getClassInstance()->getDocRoots(); + + foreach ( $docroots as $docroot ) { + $wpPaths = array_merge( + $wpPaths, + $wpInstallStorage->scan2($docroot) + ); + } + + $list = array(); + + if ( $action == WPInstallStorage::CMD_DISCOVER_NEW2 + || $action == WPInstallStorage::CMD_DISCOVER_NEW_AND_ENABLE ) { + + foreach( $wpPaths as $wpPath ) { + + if ( $wpInstallStorage->getWPInstall($wpPath) == null ) { + $list[] = $wpPath; + } + } + } + else { + $list = array_merge($list, $wpPaths); + } + + $originalAction = $action; + $action = WPInstallStorage::CMD_ADD_NEW_WPINSTALL; + break; + // no default case } $wpInstallStorage->doAction($action, $list, $extraArgs); + if ( $originalAction == WPInstallStorage::CMD_DISCOVER_NEW_AND_ENABLE ) { + $wpInstallStorage->doAction( + UserCommand::CMD_MASS_ENABLE, + $list + ); + } + if ( $action == UserCommand::CMD_STATUS ) { $wpInstall = $wpInstallStorage->getWPInstall($this->currWpPath); $this->printStatusMsg($wpInstall); } - echo "\n{$action} complete!\n\n"; + if ( $originalAction != null ) { + $action = $originalAction; + } + + echo "\n$action complete!\n\n"; } } /** * - * @throws LSCMException Thrown indirectly. + * @throws LSCMException Thrown indirectly by $this->doCacheRootCommand() + * call. + * @throws LSCMException Thrown indirectly by + * ControlPanel::getClassInstance() call. + * @throws LSCMException Thrown indirectly by + * $controlPanel->verifyCacheSetup() call. + * @throws LSCMException Thrown indirectly by $this->displayCacheRoots() + * call. + * @throws LSCMException Thrown indirectly by $this->doSpecialCommand() + * call. + * @throws LSCMException Thrown indirectly by $this->doVersionCommand() + * call. + * @throws LSCMException Thrown indirectly by + * $this->doWPInstallStorageAction() call. */ private function runCommand() { diff --git a/dist/add-ons/webcachemgr/src/Panel/ControlPanel.php b/dist/add-ons/webcachemgr/src/Panel/ControlPanel.php index 43a38b89d..dd4d05684 100644 --- a/dist/add-ons/webcachemgr/src/Panel/ControlPanel.php +++ b/dist/add-ons/webcachemgr/src/Panel/ControlPanel.php @@ -36,7 +36,7 @@ abstract class ControlPanel /** * @var string */ - const PANEL_API_VERSION = '1.13.13.1'; + const PANEL_API_VERSION = '1.14.0.3'; /** * @since 1.9 @@ -986,6 +986,10 @@ public static function meetsMinAPIVerRequirement() public static function checkPanelAPICompatibility( $panelAPIVer ) { $supportedAPIVers = array( + '1.14.0.3', + '1.14.0.2', + '1.14.0.1', + '1.14', '1.13.13.1', '1.13.13', '1.13.12', diff --git a/dist/add-ons/webcachemgr/src/Panel/CustomPanelBase.php b/dist/add-ons/webcachemgr/src/Panel/CustomPanelBase.php index f40923ddb..e6cdf97c3 100644 --- a/dist/add-ons/webcachemgr/src/Panel/CustomPanelBase.php +++ b/dist/add-ons/webcachemgr/src/Panel/CustomPanelBase.php @@ -4,7 +4,7 @@ * LiteSpeed Web Server Cache Manager * * @author LiteSpeed Technologies, Inc. (https://www.litespeedtech.com) - * @copyright (c) 2020-2022 + * @copyright (c) 2020-2021 * @since 1.10 * ******************************************* */ diff --git a/dist/add-ons/webcachemgr/src/Panel/DirectAdmin.php b/dist/add-ons/webcachemgr/src/Panel/DirectAdmin.php index 7db4aedd5..3784066f9 100644 --- a/dist/add-ons/webcachemgr/src/Panel/DirectAdmin.php +++ b/dist/add-ons/webcachemgr/src/Panel/DirectAdmin.php @@ -4,7 +4,7 @@ * LiteSpeed Web Server Cache Manager * * @author: LiteSpeed Technologies, Inc. (https://www.litespeedtech.com) - * @copyright: (c) 2019-2022 + * @copyright: (c) 2019-2021 * ******************************************* */ namespace Lsc\Wp\Panel; diff --git a/dist/add-ons/webcachemgr/src/Panel/Plesk.php b/dist/add-ons/webcachemgr/src/Panel/Plesk.php index 5cf11e417..1c8a51092 100644 --- a/dist/add-ons/webcachemgr/src/Panel/Plesk.php +++ b/dist/add-ons/webcachemgr/src/Panel/Plesk.php @@ -4,7 +4,7 @@ * LiteSpeed Web Server Cache Manager * * @author LiteSpeed Technologies, Inc. (https://www.litespeedtech.com) - * @copyright (c) 2018-2022 + * @copyright (c) 2018-2021 * ******************************************* */ namespace Lsc\Wp\Panel; diff --git a/dist/add-ons/webcachemgr/src/PluginVersion.php b/dist/add-ons/webcachemgr/src/PluginVersion.php index e7c40d543..dbd5bd77b 100644 --- a/dist/add-ons/webcachemgr/src/PluginVersion.php +++ b/dist/add-ons/webcachemgr/src/PluginVersion.php @@ -3,28 +3,47 @@ /** ********************************************* * LiteSpeed Web Server Cache Manager * - * @author LiteSpeed Technologies, Inc. (https://www.litespeedtech.com) - * @copyright (c) 2018-2022 + * @author Michael Alegre + * @copyright (c) 2018-2022 LiteSpeed Technologies, Inc. * ******************************************* */ namespace Lsc\Wp; -use \Lsc\Wp\Context\Context; +use Lsc\Wp\Context\Context; class PluginVersion { + /** + * @var string + */ const DEFAULT_PLUGIN_PATH = '/wp-content/plugins/litespeed-cache'; /** * @deprecated 1.9 + * @var string */ const DOWNLOAD_DIR = '/usr/src/litespeed-wp-plugin'; + /** + * @var string + */ const LSCWP_DEFAULTS_INI_FILE_NAME = 'const.default.ini'; + + /** + * @var string + */ const PLUGIN_NAME = 'litespeed-cache'; + + /** + * @var string + */ const TRANSLATION_CHECK_FLAG_BASE = '.ls_translation_check'; + + /** + * @var string + */ const VER_MD5 = 'lscwp_md5'; /** @@ -66,7 +85,7 @@ class PluginVersion /** * - * @throws LSCMException Thrown indirectly. + * @throws LSCMException Thrown indirectly by $this->init() call. */ protected function __construct() { @@ -74,7 +93,10 @@ protected function __construct() } /** - * @throws LSCMException Thrown indirectly. + * + * @throws LSCMException Thrown indirectly by Context::isPrivileged() call. + * @throws LSCMException Thrown indirectly by $this->refreshVersionList() + * call. */ protected function init() { @@ -88,7 +110,8 @@ protected function init() /** * * @return PluginVersion - * @throws LSCMException Thrown indirectly. + * + * @throws LSCMException Thrown indirectly by Context::getOption() call. */ public static function getInstance() { @@ -108,9 +131,12 @@ public static function getInstance() * version of this list will no longer be available once * this function is removed. * - * @param bool $formatted + * @param bool $formatted + * * @return string[] - * @throws LSCMException Thrown indirectly. + * + * @throws LSCMException Thrown indirectly by $this->setKnownVersions() + * call. */ public function getKnownVersions( $formatted = false ) { @@ -146,7 +172,9 @@ public function getKnownVersions( $formatted = false ) /** * * @return string[] - * @throws LSCMException Thrown indirectly. + * + * @throws LSCMException Thrown indirectly by $this->setAllowedVersions() + * call. */ public function getAllowedVersions() { @@ -162,7 +190,9 @@ public function getAllowedVersions() * @since 4.1.3 * * @return string[] - * @throws LSCMException Thrown indirectly. + * + * @throws LSCMException Thrown indirectly by $this->setShortVersions() + * call. */ public function getShortVersions() { @@ -176,20 +206,24 @@ public function getShortVersions() /** * * @return string - * @throws LSCMException Thrown indirectly. + * + * @throws LSCMException Thrown indirectly by $this->getAllowedVersions() + * call. */ public function getLatestVersion() { $allowedVers = $this->getAllowedVersions(); - return (isset($allowedVers[0])) ? $allowedVers[0] : ''; } /** * * @return string - * @throws LSCMException Thrown indirectly. + * + * @throws LSCMException Thrown indirectly by self::getInstance() call. + * @throws LSCMException Thrown indirectly by + * $instance->setCurrentVersion() call. */ public static function getCurrentVersion() { @@ -224,13 +258,14 @@ protected function setVersionFiles() * @deprecated 1.9 * @since 1.9 * - * @throws LSCMException + * @throws LSCMException Thrown indirectly by Context::getLSCMDataDir() + * call. */ protected function checkOldVersionFiles() { $dataDir = Context::getLSCMDataDir(); - $oldVersionsFile = "{$dataDir}/lscwp_versions"; - $oldActiveFile = "{$dataDir}/lscwp_active_version"; + $oldVersionsFile = "$dataDir/lscwp_versions"; + $oldActiveFile = "$dataDir/lscwp_active_version"; if ( file_exists($oldActiveFile) ) { @@ -245,7 +280,11 @@ protected function checkOldVersionFiles() /** * - * @throws LSCMException Thrown indirectly. + * @throws LSCMException Thrown indirectly by $this->checkOldVersionFiles() + * call. + * @throws LSCMException Thrown indirectly by Logger::debug() call. + * @throws LSCMException Thrown indirectly by Logger::debug() call. + * @throws LSCMException Thrown indirectly by Logger::debug() call. */ public function setCurrentVersion() { @@ -296,7 +335,7 @@ private function getActiveVersion() * @deprecated 4.1.3 This function will be removed in favor of * pre-formatted $this->setShortVersions(). * - * @throws LSCMException + * @throws LSCMException Thrown when LSCWP version list cannot be found. */ protected function setKnownVersions() { @@ -316,7 +355,8 @@ protected function setKnownVersions() /** * - * @throws LSCMException + * @throws LSCMException Thrown when LSCWP version list cannot be found. + * @throws LSCMException Thrown when LSCWP version list content is empty. */ protected function setAllowedVersions() { @@ -331,14 +371,22 @@ protected function setAllowedVersions() preg_match('/allowed\s{(.*)}/sU', $content, $m); - $this->allowedVersions = explode("\n", trim($m[1])); + if ( ($list = trim($m[1])) == '' ) { + throw new LSCMException( + 'LSCWP version list is empty.', + LSCMException::E_NON_FATAL + ); + } + + $this->allowedVersions = explode("\n", $list); } /** * * @since 4.1.3 * - * @throws LSCMException + * @throws LSCMException Thrown when LSCWP version list cannot be found. + * @throws LSCMException Thrown when LSCWP version list content is empty. */ protected function setShortVersions() { @@ -353,15 +401,28 @@ protected function setShortVersions() preg_match('/short\s{(.*)}/sU', $content, $m); - $this->shortVersions = explode("\n", trim($m[1])); + if ( ($list = trim($m[1])) == '' ) { + throw new LSCMException( + 'LSCWP version list is empty.', + LSCMException::E_NON_FATAL + ); + } + + $this->shortVersions = explode("\n", $list); + } /** * - * @param string $version Valid LSCWP version. - * @param boolean $init True when trying to set initial active - * version. - * @throws LSCMException Thrown indirectly. + * @param string $version Valid LSCWP version. + * @param bool $init True when trying to set initial active version. + * + * @throws LSCMException Thrown indirectly by $this->getAllowedVersions() + * call. + * @throws LSCMException Thrown indirectly by Logger::error() call. + * @throws LSCMException Thrown indirectly by $this->downloadVersion() + * call. + * @throws LSCMException Thrown indirectly by Logger::notice() call. */ public function setActiveVersion( $version, $init = false ) { @@ -385,8 +446,8 @@ public function setActiveVersion( $version, $init = false ) } Logger::error( - "Version {$badVer} not in allowed list, reset active " - . "version to {$version}." + "Version $badVer not in allowed list, reset active " + . "version to $version." ); } @@ -398,14 +459,15 @@ public function setActiveVersion( $version, $init = false ) $this->currVersion = $version; file_put_contents($this->activeFile, $version); - Logger::notice("Current active LSCWP version is now {$version}."); + Logger::notice("Current active LSCWP version is now $version."); } } /** * - * @param boolean $isforced - * @throws LSCMException Thrown indirectly. + * @param bool $isforced + * + * @throws LSCMException Thrown indirectly by Logger::info() call. */ protected function refreshVersionList( $isforced = false ) { @@ -437,8 +499,9 @@ protected function refreshVersionList( $isforced = false ) * * @deprecated 4.1.3 No longer used. * - * @param string $ver Version string. - * @return boolean + * @param string $ver Version string. + * + * @return bool */ protected function filterVerList( $ver ) { @@ -450,15 +513,24 @@ protected function filterVerList( $ver ) * copies them to the installation's plugins directory if not found. * This function should only be run as the user. * - * @param string $pluginDir The WordPress plugin directory. - * @param string $version The version of LSCWP to be used when - * copying over plugin files. - * @return boolean True when new LSCWP plugin files are used. - * @throws LSCMException + * @param string $pluginDir The WordPress plugin directory. + * @param string $version The version of LSCWP to be used when copying + * over plugin files. + * + * @return bool True when new LSCWP plugin files are used. + * + * @throws LSCMException Thrown when LSCWP source package is not available + * for the provided version. + * @throws LSCMException Thrown when LSCWP plugin files could not be copied + * to plugin directory. + * @throws LSCMException Thrown indirectly by self::getInstance() call. + * @throws LSCMException Thrown indirectly by + * $instance->getCurrentVersion() call. + * @throws LSCMException Thrown indirectly by Logger::debug() call. */ public static function prepareUserInstall( $pluginDir, $version = '' ) { - $lscwp_plugin = "{$pluginDir}/litespeed-cache/litespeed-cache.php"; + $lscwp_plugin = "$pluginDir/litespeed-cache/litespeed-cache.php"; if ( file_exists($lscwp_plugin) ) { /** @@ -475,29 +547,31 @@ public static function prepareUserInstall( $pluginDir, $version = '' ) if ( !$instance->hasDownloadedVersion($version) ) { throw new LSCMException( - "Source Package not available for version {$version}.", + "Source Package not available for version $version.", LSCMException::E_NON_FATAL ); } $pluginSrc = - Context::LOCAL_PLUGIN_DIR . "/{$version}/" . self::PLUGIN_NAME; - exec("/bin/cp --preserve=mode -rf {$pluginSrc} {$pluginDir}"); + Context::LOCAL_PLUGIN_DIR . "/$version/" . self::PLUGIN_NAME; + exec("/bin/cp --preserve=mode -rf $pluginSrc $pluginDir"); if ( !file_exists($lscwp_plugin) ) { throw new LSCMException( - "Failed to copy plugin files to {$pluginDir}.", + "Failed to copy plugin files to $pluginDir.", LSCMException::E_NON_FATAL ); } $customIni = Context::LOCAL_PLUGIN_DIR . '/' . self::LSCWP_DEFAULTS_INI_FILE_NAME; - $defaultIni = "{$pluginDir}/litespeed-cache/data/" - . self::LSCWP_DEFAULTS_INI_FILE_NAME; if ( file_exists($customIni) ) { - copy($customIni, $defaultIni); + copy( + $customIni, + "$pluginDir/litespeed-cache/data/" + . self::LSCWP_DEFAULTS_INI_FILE_NAME + ); } Logger::debug( @@ -510,14 +584,15 @@ public static function prepareUserInstall( $pluginDir, $version = '' ) /** * - * @param string $version - * @return boolean + * @param string $version + * + * @return bool */ protected function hasDownloadedVersion( $version ) { - $dir = Context::LOCAL_PLUGIN_DIR . "/{$version}"; - $md5file = "{$dir}/" . self::VER_MD5; - $plugin = "{$dir}/" . self::PLUGIN_NAME; + $dir = Context::LOCAL_PLUGIN_DIR . "/$version"; + $md5file = "$dir/" . self::VER_MD5; + $plugin = "$dir/" . self::PLUGIN_NAME; if ( !file_exists($md5file) || !is_dir($plugin) ) { return false; @@ -531,29 +606,37 @@ protected function hasDownloadedVersion( $version ) /** * - * @param string $version - * @param string $dir - * @param boolean $saveMD5 - * @throws LSCMException + * @param string $version + * @param string $dir + * @param bool $saveMD5 + * + * @throws LSCMException Thrown when wget command for downloaded LSCWP + * version fails. + * @throws LSCMException Thrown when unable to unzip LSCWP zip file. + * @throws LSCMException Thrown when unzipped LSCWP files do not contain + * expected test file. + * @throws LSCMException Thrown indirectly by Logger::info() call. + * @throws LSCMException Thrown indirectly by Util::unzipFile() call. */ protected function wgetPlugin( $version, $dir, $saveMD5 = false ) { - Logger::info("Downloading LSCache for WordPress v{$version}..."); + Logger::info("Downloading LSCache for WordPress v$version..."); - $plugin = "{$dir}/" . self::PLUGIN_NAME; - $zipFile = self::PLUGIN_NAME . ".{$version}.zip"; - $localZipFile = "{$dir}/{$zipFile}"; + $plugin = "$dir/" . self::PLUGIN_NAME; + $zipFile = self::PLUGIN_NAME . ".$version.zip"; + $localZipFile = "$dir/$zipFile"; - $url = "https://downloads.wordpress.org/plugin/{$zipFile}"; - $wget_command = - "wget -q --tries=1 --no-check-certificate {$url} -P {$dir}"; - - exec($wget_command, $output, $return_var); + exec( + 'wget -q --tries=1 --no-check-certificate' + . " https://downloads.wordpress.org/plugin/$zipFile -P $dir", + $output, + $return_var + ); if ( $return_var !== 0 ) { throw new LSCMException( - "Failed to download LSCWP v{$version} with wget " - . "exit status {$return_var}.", + "Failed to download LSCWP v$version with wget exit status " + . "$return_var.", LSCMException::E_NON_FATAL ); } @@ -563,46 +646,48 @@ protected function wgetPlugin( $version, $dir, $saveMD5 = false ) if ( !$extracted ) { throw new LSCMException( - "Unable to unzip {$localZipFile}", + "Unable to unzip $localZipFile", LSCMException::E_NON_FATAL ); } - $testfile = "{$plugin}/" . self::PLUGIN_NAME . '.php'; - - if ( !file_exists($testfile) ) { + if ( !file_exists("$plugin/" . self::PLUGIN_NAME . '.php') ) { throw new LSCMException( - "Unable to download LSCWP v{$version}.", + "Test file not found. Downloaded LSCWP v$version is invalid.", LSCMException::E_NON_FATAL ); } if ( $saveMD5 ) { - $md5_val = Util::DirectoryMd5($plugin); - file_put_contents("{$dir}/" . self::VER_MD5, $md5_val); + file_put_contents( + "$dir/" . self::VER_MD5, + Util::DirectoryMd5($plugin) + ); } } /** * - * @param string $version - * @throws LSCMException + * @param string $version + * + * @throws LSCMException Thrown when download dir could not be created. + * @throws LSCMException Thrown indirectly by $this->wgetPlugin() call. */ protected function downloadVersion( $version ) { - $dir = Context::LOCAL_PLUGIN_DIR . "/{$version}"; + $dir = Context::LOCAL_PLUGIN_DIR . "/$version"; if ( !file_exists($dir) ) { if ( !mkdir($dir, 0755, true) ) { throw new LSCMException( - "Failed to create download dir {$dir}.", + "Failed to create download dir $dir.", LSCMException::E_NON_FATAL ); } } else { - exec("/bin/rm -rf {$dir}/*"); + exec("/bin/rm -rf $dir/*"); } $this->wgetPlugin($version, $dir, true); @@ -610,29 +695,28 @@ protected function downloadVersion( $version ) /** * - * @param string $locale - * @param string $pluginVer - * @return boolean + * @param string $locale + * @param string $pluginVer + * + * @return bool + * * @throws LSCMException Thrown indirectly. */ public static function retrieveTranslation( $locale, $pluginVer ) { Logger::info( - "Downloading LSCache for WordPress {$locale} translation..." + "Downloading LSCache for WordPress $locale translation..." ); $translationDir = - Context::LOCAL_PLUGIN_DIR . "/{$pluginVer}/translations"; - $zipFile = "{$locale}.zip"; - $localZipFile = "{$translationDir}/{$zipFile}"; + Context::LOCAL_PLUGIN_DIR . "/$pluginVer/translations"; if ( !file_exists($translationDir) ) { mkdir($translationDir, 0755); } touch( - "$translationDir/" . self::TRANSLATION_CHECK_FLAG_BASE - . "_{$locale}" + "$translationDir/" . self::TRANSLATION_CHECK_FLAG_BASE . "_$locale" ); /** @@ -642,37 +726,39 @@ public static function retrieveTranslation( $locale, $pluginVer ) * as we do not assume that root has the ability to unzip. */ $url = 'https://downloads.wordpress.org/translation/plugin/' - . "litespeed-cache/{$pluginVer}/{$locale}.zip"; - $wget_command = 'wget -q --tries=1 --no-check-certificate ' - . "{$url} -P {$translationDir}"; + . "litespeed-cache/$pluginVer/$locale.zip"; - exec($wget_command, $output, $return_var); + exec( + "wget -q --tries=1 --no-check-certificate $url -P $translationDir", + $output, + $return_var + ); if ( $return_var !== 0 ) { return false; } /** - * WordPress user can unzip for us if this call fails. + * The WordPress user can unzip for us if this call fails. */ - Util::unzipFile($localZipFile, $translationDir); + Util::unzipFile("$translationDir/$locale.zip", $translationDir); return true; } /** * - * @param string $locale - * @param string $pluginVer - * @throws LSCMException Thrown indirectly. + * @param string $locale + * @param string $pluginVer + * + * @throws LSCMException Thrown indirectly by Logger::info() call. */ public static function removeTranslationZip( $locale, $pluginVer ) { - Logger::info("Removing LSCache for WordPress {$locale} translation..."); + Logger::info("Removing LSCache for WordPress $locale translation..."); $zipFile = realpath( - Context::LOCAL_PLUGIN_DIR - . "/{$pluginVer}/translations/{$locale}.zip" + Context::LOCAL_PLUGIN_DIR . "/$pluginVer/translations/$locale.zip" ); $realPathStart = substr($zipFile, 0, strlen(Context::LOCAL_PLUGIN_DIR)); diff --git a/dist/add-ons/webcachemgr/src/RedefineGlobalFuncs.php b/dist/add-ons/webcachemgr/src/RedefineGlobalFuncs.php index 96666f59d..d16565e0e 100644 --- a/dist/add-ons/webcachemgr/src/RedefineGlobalFuncs.php +++ b/dist/add-ons/webcachemgr/src/RedefineGlobalFuncs.php @@ -4,7 +4,7 @@ * LiteSpeed Web Server Cache Manager * * @author LiteSpeed Technologies, Inc. (https://www.litespeedtech.com) - * @copyright (c) 2022 + * @copyright (c) 2021 * @since 1.13.10 * ******************************************* */ diff --git a/dist/add-ons/webcachemgr/src/UserCommand.php b/dist/add-ons/webcachemgr/src/UserCommand.php index 7b867938b..2a947d59f 100644 --- a/dist/add-ons/webcachemgr/src/UserCommand.php +++ b/dist/add-ons/webcachemgr/src/UserCommand.php @@ -3,18 +3,18 @@ /** ********************************************* * LiteSpeed Web Server Cache Manager * - * @author LiteSpeed Technologies, Inc. (https://www.litespeedtech.com) - * @copyright (c) 2018-2020 + * @author Michael Alegre + * @copyright (c) 2018-2022 LiteSpeed Technologies, Inc. * ******************************************* */ namespace Lsc\Wp; -use \Exception; -use \Lsc\Wp\Context\Context; -use \Lsc\Wp\Context\ContextOption; -use \Lsc\Wp\Context\UserCLIContextOption; -use \Lsc\Wp\Panel\ControlPanel; +use Exception; +use Lsc\Wp\Context\Context; +use Lsc\Wp\Context\ContextOption; +use Lsc\Wp\Context\UserCLIContextOption; +use Lsc\Wp\Panel\ControlPanel; /** * Running as user - suexec @@ -22,29 +22,124 @@ class UserCommand { + /** + * @var int + */ const EXIT_ERROR = 1; + + /** + * @var int + */ const EXIT_SUCC = 2; + + /** + * @var int + */ const EXIT_FAIL = 4; + + /** + * @var int + */ const EXIT_INCR_SUCC = 8; + + /** + * @var int + */ const EXIT_INCR_FAIL = 16; + + /** + * @var int + */ const EXIT_INCR_BYPASS = 32; + + /** + * @var int + */ const RETURN_CODE_TIMEOUT = 124; + + /** + * @var string + */ const CMD_STATUS = 'status'; + + /** + * @var string + */ const CMD_ENABLE = 'enable'; + + /** + * @var string + */ const CMD_DIRECT_ENABLE = 'direct_enable'; + + /** + * @var string + */ const CMD_MASS_ENABLE = 'mass_enable'; + + /** + * @var string + */ const CMD_DISABLE = 'disable'; + + /** + * @var string + */ const CMD_MASS_DISABLE = 'mass_disable'; + + /** + * @var string + */ const CMD_UPGRADE = 'upgrade'; + + /** + * @var string + */ const CMD_MASS_UPGRADE = 'mass_upgrade'; + + /** + * @var string + */ const CMD_UPDATE_TRANSLATION = 'update_translation'; + + /** + * @var string + */ const CMD_REMOVE_LSCWP_PLUGIN_FILES = 'remove_lscwp_plugin_files'; + + /** + * @var string + */ const CMD_DASH_NOTIFY = 'dash_notify'; + + /** + * @var string + */ const CMD_MASS_DASH_NOTIFY = 'mass_dash_notify'; + + /** + * @var string + */ const CMD_DASH_DISABLE = 'dash_disable'; + + /** + * @var string + */ const CMD_MASS_DASH_DISABLE = 'mass_dash_disable'; + + /** + * @var string + */ const CMD_DASH_GET_MSG = 'dash_get_msg'; + + /** + * @var string + */ const CMD_DASH_ADD_MSG = 'dash_add_msg'; + + /** + * @var string + */ const CMD_DASH_DELETE_MSG = 'dash_delete_msg'; /** @@ -56,7 +151,7 @@ class UserCommand /** * @var bool */ - private $asUser = false; + private $asUser; /** * @var WPInstall @@ -75,14 +170,13 @@ class UserCommand /** * - * @param boolean $asUser - * @throws LSCMException Thrown indirectly. + * @param bool $asUser + * + * @throws LSCMException Thrown indirectly by Context::initialize() call. */ private function __construct( $asUser = false ) { - $this->asUser = $asUser; - - if ( $asUser ) { + if ( ($this->asUser = $asUser) ) { require_once __DIR__ . '/../autoloader.php'; date_default_timezone_set('UTC'); Context::initialize(new UserCLIContextOption('userCommand')); @@ -93,14 +187,20 @@ private function __construct( $asUser = false ) * Handles logging unexpected error output (or not if too long) and returns * a crafted message to be displayed instead. * - * @param WPInstall $wpInstall WordPress Installation object. - * @param string $err Compiled error message. - * @param int $lines Number of $output lines read into the - * error msg. - * @return string Message to be displayed instead. - * @throws LSCMException Thrown indirectly. + * @param WPInstall $wpInstall WordPress Installation object. + * @param string $err Compiled error message. + * @param int $lines Number of $output lines read into the error + * msg. + * + * @return string Message to be displayed instead. + * + * @throws LSCMException Thrown indirectly by Logger::error() call. + * @throws LSCMException Thrown indirectly by Logger::error() call. */ - private static function handleUnexpectedError( $wpInstall, &$err, $lines ) + private static function handleUnexpectedError( + WPInstall $wpInstall, + $err, + $lines ) { $msg = 'Unexpected Error Encountered!'; $path = $wpInstall->getPath(); @@ -120,67 +220,80 @@ private static function handleUnexpectedError( $wpInstall, &$err, $lines ) foreach ( $commonErrs as $statusBit => $commonErr ) { if ( strpos($err, $commonErr) !== false ) { - $wpInstall->unsetStatusBit(WPInstall::ST_ERR_EXECMD); $wpInstall->setStatusBit($statusBit); - $msg .= " {$commonErr}."; + $msg .= " $commonErr."; $match = true; break; } } if ( !$match ) { - Logger::error("{$path} - {$err}"); - return "{$msg} See " . ContextOption::LOG_FILE_NAME + Logger::error("$path - $err"); + return "$msg See " . ContextOption::LOG_FILE_NAME . " for more information."; } } - Logger::error("{$path} - {$msg}"); + Logger::error("$path - $msg"); return $msg; } /** + * Parse out locale and plugin version information from issue() result + * output GET_TRANSLATION or BAD_TRANSLATION line. * - * @since 1.9 + * @since 1.14 + * + * @param string $line * - * @param WPInstall $wpInstall - * @param string $output - * @throws LSCMException Thrown indirectly. + * @return string[] */ - private static function handleGetTranslationOutput( WPInstall $wpInstall, - $output ) + private static function parseTranslationLocaleAndPluginVer( $line ) { - $translationInfo = explode(' ', $output); - $locale = $translationInfo[0]; - $lscwpVer = $translationInfo[1]; + list($locale, $pluginVer) = explode(' ', $line); - if ( PluginVersion::retrieveTranslation($locale, $lscwpVer) ) { + return array( 'locale' => $locale, 'pluginVer' => $pluginVer ); + } - $subAction = self::CMD_UPDATE_TRANSLATION; - $subCmd = self::getIssueCmd($subAction, $wpInstall); + /** + * + * @since 1.9 + * + * @param WPInstall $wpInstall + * @param string $output + * + * @throws LSCMException Thrown indirectly by + * PluginVersion::retrieveTranslation() call. + * @throws LSCMException Thrown indirectly by self::subCommandIssue() call. + * @throws LSCMException Thrown indirectly by + * PluginVersion::removeTranslationZip() call. + */ + private static function handleGetTranslationOutput( + WPInstall $wpInstall, + $output ) + { + $translationInfo = self::parseTranslationLocaleAndPluginVer($output); - exec($subCmd, $subOutput, $subReturn_var); + $translationRetrieved = PluginVersion::retrieveTranslation( + $translationInfo['locale'], + $translationInfo['pluginVer'] + ); - Logger::debug( - 'Issue sub command ' - . "{$subAction}={$subReturn_var} {$wpInstall}\n{$subCmd}" - ); - Logger::debug('sub output = ' . var_export($subOutput, true)); + if ( $translationRetrieved ) { + $subOutput = + self::subCommandIssue(self::CMD_UPDATE_TRANSLATION, $wpInstall); foreach ( $subOutput as $subLine ) { - if ( preg_match('/BAD_TRANSLATION=(.+)/', $subLine, - $m) ) { - - $translationInfo = explode(' ', $m[1]); - $locale = $translationInfo[0]; - $lscwpVer = $translationInfo[1]; + if ( preg_match('/BAD_TRANSLATION=(.+)/', $subLine, $m) ) { + $badTranslationInfo = + self::parseTranslationLocaleAndPluginVer($m[1]); PluginVersion::removeTranslationZip( - $locale, - $lscwpVer + $badTranslationInfo['locale'], + $badTranslationInfo['pluginVer'] ); } } @@ -191,16 +304,25 @@ private static function handleGetTranslationOutput( WPInstall $wpInstall, * * @since 1.9 * - * @param WPInstall $wpInstall - * @param string $line - * @param int $retStatus - * @param int $cmdStatus - * @param string $err - * @return boolean - * @throws LSCMException Thrown indirectly. + * @param WPInstall $wpInstall + * @param string $line + * @param int $retStatus + * @param int $cmdStatus + * @param string $err + * + * @return bool + * + * @throws LSCMException Thrown indirectly by + * $wpInstall->populateDataFromUrl() call. + * @throws LSCMException Thrown indirectly by + * self::handleGetTranslationOutput() call. */ - private static function handleResultOutput( WPInstall $wpInstall, $line, - &$retStatus, &$cmdStatus, &$err ) + private static function handleResultOutput( + WPInstall $wpInstall, + $line, + &$retStatus, + &$cmdStatus, + &$err ) { if ( preg_match('/SITEURL=(.+)/', $line, $m) ) { @@ -232,44 +354,43 @@ private static function handleResultOutput( WPInstall $wpInstall, $line, self::handleGetTranslationOutput($wpInstall, $m[1]); } else { - $err .= "Unexpected result line: {$line}\n"; + $err .= "Unexpected result line: $line\n"; } return true; } /** + * * @since 1.9 * - * @param WPInstall $wpInstall - * @throws LSCMException Thrown indirectly. + * @param WPInstall $wpInstall + * + * @throws LSCMException Thrown indirectly by self::subCommandIssue() call. */ - private static function removeLeftoverLscwpFiles( $wpInstall ) + private static function removeLeftoverLscwpFiles( WPInstall $wpInstall ) { - $subAction = self::CMD_REMOVE_LSCWP_PLUGIN_FILES; - $subCmd = self::getIssueCmd($subAction, $wpInstall); - - exec($subCmd, $subOutput, $subReturn_var); - - Logger::debug( - "Issue sub command " - . "{$subAction}={$subReturn_var} {$wpInstall}\n{$subCmd}" - ); - Logger::debug('sub output = ' . var_export($subOutput, true)); + self::subCommandIssue(self::CMD_REMOVE_LSCWP_PLUGIN_FILES, $wpInstall); $wpInstall->removeNewLscwpFlagFile(); } /** * - * @param string $action - * @param WPInstall $wpInstall - * @param mixed[] $extraArgs + * @param string $action + * @param WPInstall $wpInstall + * @param array $extraArgs + * * @return string - * @throws LSCMException Thrown indirectly. + * + * @throws LSCMException Thrown indirectly by $wpInstall->getPhpBinary() + * call. + * @throws LSCMException Thrown indirectly by Context::getOption() call. */ - protected static function getIssueCmd( $action, WPInstall $wpInstall, - $extraArgs = array() ) + protected static function getIssueCmd( + $action, + WPInstall $wpInstall, + array $extraArgs = array() ) { $su = $wpInstall->getSuCmd(); $timeout = ControlPanel::PHP_TIMEOUT; @@ -292,28 +413,36 @@ protected static function getIssueCmd( $action, WPInstall $wpInstall, $modifier = implode(' ', $extraArgs); $file = __FILE__; - return "{$su} -c \"cd {$path}/wp-admin && timeout {$timeout} {$phpBin} " - . "{$file} {$action} {$path} {$docRoot} {$serverName} {$env}" - . (($modifier !== '') ? " {$modifier}\"" : '"'); + return "$su -c \"cd $path/wp-admin && timeout $timeout $phpBin $file " + . "$action $path $docRoot $serverName $env" + . (($modifier !== '') ? " $modifier\"" : '"'); } /** * * @since 1.12 * - * @param string $action - * @param WPInstall $wpInstall - * @param string[] $extraArgs - * @return null|mixed - * @throws LSCMException Thrown indirectly. + * @param string $action + * @param WPInstall $wpInstall + * @param string[] $extraArgs + * + * @return null|string + * + * @throws LSCMException Thrown indirectly by self::preIssueValidation() + * call. + * @throws LSCMException Thrown indirectly by self::getIssueCmd() call. + * @throws LSCMException Thrown indirectly by Logger::debug() call. + * @throws LSCMException Thrown indirectly by Logger::debug() call. + * @throws LSCMException Thrown indirectly by Logger::logMsg() call. + * @throws LSCMException Thrown indirectly by Logger::logMsg() call. */ - public static function getValueFromWordPress( $action, - WPInstall $wpInstall, $extraArgs = array() ) + public static function getValueFromWordPress( + $action, + WPInstall $wpInstall, + array $extraArgs = array() ) { - $ret = null; - if ( !self::preIssueValidation($action, $wpInstall, $extraArgs) ) { - return $ret; + return null; } $cmd = self::getIssueCmd($action, $wpInstall, $extraArgs); @@ -321,11 +450,11 @@ public static function getValueFromWordPress( $action, exec($cmd, $output, $return_var); Logger::debug( - "getValueFromWordPress command " - . "{$action}={$return_var} {$wpInstall}\n{$cmd}" + "getValueFromWordPress command $action=$return_var $wpInstall\n$cmd" ); Logger::debug('output = ' . var_export($output, true)); + $ret = null; $debug = $upgrade = $err = ''; $curr = &$err; @@ -344,7 +473,7 @@ public static function getValueFromWordPress( $action, $ret = $m[1]; } else { - $err .= "Unexpected result line {$line}\n"; + $err .= "Unexpected result line $line\n"; } } elseif ( ($pos = strpos($line, '[DEBUG]')) !== false ) { @@ -356,18 +485,18 @@ public static function getValueFromWordPress( $action, $curr = &$upgrade; } else { - $curr .= "{$line}\n"; + $curr .= "$line\n"; } } $path = $wpInstall->getPath(); if ( $debug ) { - Logger::logMsg("{$path} - {$debug}", Logger::L_DEBUG); + Logger::logMsg("$path - $debug", Logger::L_DEBUG); } if ( $err ) { - Logger::logMsg("{$path} - {$err}", Logger::L_ERROR); + Logger::logMsg("$path - $err", Logger::L_ERROR); } return $ret; @@ -375,14 +504,62 @@ public static function getValueFromWordPress( $action, /** * - * @param string $action - * @param WPInstall $wpInstall - * @param string[] $extraArgs - * @return boolean - * @throws LSCMException Thrown indirectly. + * @since 1.14 + * + * @param string $subAction + * @param WPInstall $wpInstall + * + * @return string[] + * + * @throws LSCMException Thrown indirectly by self::getIssueCmd() call. + * @throws LSCMException Thrown indirectly by Logger::debug() call. + * @throws LSCMException Thrown indirectly by Logger::debug() call. + */ + private static function subCommandIssue( + $subAction, + WPInstall $wpInstall ) + { + $subCmd = self::getIssueCmd($subAction, $wpInstall); + + exec($subCmd, $subOutput, $subReturn_var); + + Logger::debug( + "Issue sub command $subAction=$subReturn_var $wpInstall\n$subCmd" + ); + Logger::debug('sub output = ' . var_export($subOutput, true)); + + return $subOutput; + } + + /** + * + * @param string $action + * @param WPInstall $wpInstall + * @param string[] $extraArgs + * + * @return bool + * + * @throws LSCMException Thrown indirectly by self::preIssueValidation() + * call. + * @throws LSCMException Thrown indirectly by self::getIssueCmd() call. + * @throws LSCMException Thrown indirectly by Logger::debug() call. + * @throws LSCMException Thrown indirectly by Logger::debug() call. + * @throws LSCMException Thrown indirectly by + * self::removeLeftoverLscwpFiles() call. + * @throws LSCMException Thrown indirectly by self::handleResultOutput() + * call. + * @throws LSCMException Thrown indirectly by Logger::logMsg() call. + * @throws LSCMException Thrown indirectly by Logger::logMsg() call. + * @throws LSCMException Thrown indirectly by $wpInstall->addUserFlagFile() + * call. + * @throws LSCMException Thrown indirectly by Logger::error() call. + * @throws LSCMException Thrown indirectly by self::handleUnexpectedError() + * call. */ - public static function issue( $action, WPInstall $wpInstall, - $extraArgs = array() ) + public static function issue( + $action, + WPInstall $wpInstall, + array $extraArgs = array() ) { if ( !self::preIssueValidation($action, $wpInstall, $extraArgs) ) { return false; @@ -393,7 +570,7 @@ public static function issue( $action, WPInstall $wpInstall, exec($cmd, $output, $return_var); Logger::debug( - "Issue command {$action}={$return_var} {$wpInstall}\n{$cmd}" + "Issue command $action=$return_var $wpInstall\n$cmd" ); Logger::debug('output = ' . var_export($output, true)); @@ -404,13 +581,16 @@ public static function issue( $action, WPInstall $wpInstall, $errorStatus = $retStatus = $cmdStatus = 0; switch ( $return_var ) { + case UserCommand::RETURN_CODE_TIMEOUT: $errorStatus |= WPInstall::ST_ERR_TIMEOUT; break; + case UserCommand::EXIT_ERROR: case 255: $errorStatus |= WPInstall::ST_ERR_EXECMD; break; + //no default } @@ -447,7 +627,7 @@ public static function issue( $action, WPInstall $wpInstall, return false; } } - elseif ( $pos = (strpos($line, '[SUCCESS]')) !== false ) { + elseif ( ($pos = strpos($line, '[SUCCESS]')) !== false ) { $succ .= substr($line, $pos + 9) . "\n"; $curr = &$succ; } @@ -455,16 +635,16 @@ public static function issue( $action, WPInstall $wpInstall, $err .= substr($line, $pos + 7) . "\n"; $curr = &$err; } - elseif ( ($pos = strpos($line, '[LOG]')) !== false ) { + elseif ( strpos($line, '[LOG]') !== false ) { if ( $logMsg != '' ) { Logger::logMsg(trim($logMsg), $logLvl); $logMsg = ''; } - if ( preg_match('/\[(\d+)\] (.+)/', $line, $m) ) { + if ( preg_match('/\[(\d+)] (.+)/', $line, $m) ) { $logLvl = $m[1]; - $logMsg = "{$wpInstall->getPath()} - {$m[2]}\n"; + $logMsg = "{$wpInstall->getPath()} - $m[2]\n"; } $curr = &$logMsg; @@ -482,7 +662,7 @@ public static function issue( $action, WPInstall $wpInstall, $unexpectedLines++; } - $curr .= "{$line}\n"; + $curr .= "$line\n"; } } @@ -523,7 +703,7 @@ public static function issue( $action, WPInstall $wpInstall, if ( $isExpectedOutput ) { $msg = $err; - Logger::error("{$wpInstall->getPath()} - {$err}"); + Logger::error("{$wpInstall->getPath()} - $err"); } else { $msg = self::handleUnexpectedError( @@ -541,34 +721,27 @@ public static function issue( $action, WPInstall $wpInstall, /** * - * @param string[] $args + * @param string[] $args + * * @return null|WPInstall */ - public static function newFromCmdArgs( &$args ) + public static function newFromCmdArgs( array &$args ) { - $wpPath = array_shift($args); - - if ( !$wpPath || !is_dir($wpPath) ) { - return null; - } + if ( !($wpPath = array_shift($args)) + || !($docRoot = array_shift($args)) + || !($serverName = array_shift($args)) ) { - $docRoot = array_shift($args); - - if ( !$docRoot ) { return null; } - $serverName = array_shift($args); - - if ( !$serverName ) { + if ( !is_dir($wpPath) ) { return null; } /** * LSCWP_REF used by LSCWP plugin. */ - $env = array_shift($args); - define('LSCWP_REF', $env); + define('LSCWP_REF', array_shift($args)); $install = new WPInstall($wpPath); @@ -585,20 +758,34 @@ public static function newFromCmdArgs( &$args ) /** * - * @param string $action - * @param WPInstall $wpInstall - * @param string[] $extraArgs Not used at the moment. - * @return boolean - * @throws LSCMException Thrown directly and indirectly. + * @param string $action + * @param WPInstall $wpInstall + * @param string[] $extraArgs Not used at the moment. + * + * @return bool + * + * @throws LSCMException Thrown when $action value is unsupported. + * @throws LSCMException Thrown indirectly by $wpInstall->hasValidPath() + * call. + * @throws LSCMException Thrown indirectly by Logger::debug() call. + * @throws LSCMException Thrown indirectly by $wpInstall->refreshStatus() + * call. + * @throws LSCMException Thrown indirectly by $wpInstall->addUserFlagFile() + * call. + * @throws LSCMException Thrown indirectly by Logger::debug() call. + * @throws LSCMException Thrown indirectly by + * DashNotifier::prepLocalDashPluginFiles() call. * * @noinspection PhpUnusedParameterInspection */ - private static function preIssueValidation( $action, WPInstall $wpInstall, - $extraArgs ) + private static function preIssueValidation( + $action, + WPInstall $wpInstall, + array $extraArgs ) { if ( !self::isSupportedIssueCmd($action) ) { throw new LSCMException( - "Illegal action {$action}.", + "Illegal action $action.", LSCMException::E_PROGRAM ); } @@ -607,15 +794,15 @@ private static function preIssueValidation( $action, WPInstall $wpInstall, return false; } - switch ($action) { + switch ( $action ) { + case self::CMD_MASS_ENABLE: case self::CMD_MASS_DISABLE: - /** @noinspection PhpMissingBreakStatementInspection */ case self::CMD_MASS_UPGRADE: if ( $wpInstall->hasFlagFile() ) { Logger::debug( - "Bypass mass operation for flagged install {$wpInstall}" + "Bypass mass operation for flagged install $wpInstall" ); return false; } @@ -632,7 +819,7 @@ private static function preIssueValidation( $action, WPInstall $wpInstall, Logger::debug( 'Bypassed mass operation for error install and ' - . "flagged {$wpInstall}" + . "flagged $wpInstall" ); return false; } @@ -652,8 +839,8 @@ private static function preIssueValidation( $action, WPInstall $wpInstall, /** * - * @since 1.9 Changed echo'd output format to include "[LOG][$lvl] $msg". - * Stopped echo'ing "[DEBUG] $msg" output. + * @since 1.9 Changed echoed output format to include "[LOG][$lvl] $msg". + * Stopped echoing "[DEBUG] $msg" output. * * @return int */ @@ -670,9 +857,10 @@ private function runAsUser() $ret = self::EXIT_SUCC; } else { - $proc = WPCaller::getInstance($this->currInstall, true); + $proc = WPCaller::getInstance($this->currInstall); + + switch ( $this->action ) { - switch ($this->action) { case self::CMD_STATUS: $ret = $proc->updateStatus(true); break; @@ -741,22 +929,22 @@ private function runAsUser() echo "LS UserCommand Output Start\n"; foreach ( $proc->getOutputResult() as $key => $value ) { - echo "[RESULT] {$key}={$value}\n"; + echo "[RESULT] $key=$value\n"; } foreach ( Logger::getUiMsgs(Logger::UI_SUCC) as $msg ) { - echo "[SUCCESS] {$msg}\n"; + echo "[SUCCESS] $msg\n"; } foreach ( Logger::getUiMsgs(Logger::UI_ERR) as $msg ) { - echo "[ERROR] {$msg}\n"; + echo "[ERROR] $msg\n"; } foreach ( Logger::getLogMsgQueue() as $logEntry ) { $lvl = $logEntry->getLvl(); $msg = $logEntry->getMsg(); - echo "[LOG][{$lvl}] {$msg}\n"; + echo "[LOG][$lvl] $msg\n"; } } catch ( Exception $e ) @@ -779,7 +967,8 @@ private function runAsUser() /** * * @param string $action - * @return boolean + * + * @return bool */ private static function isSupportedIssueCmd( $action ) { @@ -807,7 +996,8 @@ private static function isSupportedIssueCmd( $action ) /** * * @param string[] $args - * @return boolean + * + * @return bool */ private function initArgs( $args ) { @@ -829,7 +1019,10 @@ private function initArgs( $args ) /** * * @return UserCommand - * @throws LSCMException Thrown indirectly. + * + * @throws LSCMException Thrown indirectly by "new self()" call. + * + * @noinspection PhpDocRedundantThrowsInspection */ private static function getUserCommand() { @@ -841,9 +1034,8 @@ private static function getUserCommand() } $args = $_SERVER['argv']; - $script = array_shift($args); - if ( $script != __FILE__ ) { + if ( array_shift($args) != __FILE__ ) { return null; } @@ -859,7 +1051,7 @@ private static function getUserCommand() /** * - * @throws LSCMException Thrown indirectly. + * @throws LSCMException Thrown indirectly by self::getUserCommand() call. */ public static function run() { diff --git a/dist/add-ons/webcachemgr/src/View/Model/VersionManageViewModel.php b/dist/add-ons/webcachemgr/src/View/Model/VersionManageViewModel.php index c10afa878..c4522005f 100644 --- a/dist/add-ons/webcachemgr/src/View/Model/VersionManageViewModel.php +++ b/dist/add-ons/webcachemgr/src/View/Model/VersionManageViewModel.php @@ -2,17 +2,18 @@ /** ****************************************** * LiteSpeed Web Server Cache Manager - * @author: LiteSpeed Technologies, Inc. (https://www.litespeedtech.com) - * @copyright: (c) 2018-2020 + * + * @author Michael Alegre + * @copyright (c) 2018-2022 LiteSpeed Technologies, Inc. * ******************************************* */ namespace Lsc\Wp\View\Model; -use \Lsc\Wp\WPInstallStorage; -use \Lsc\Wp\Context\Context; -use \Lsc\Wp\PluginVersion; -use \Lsc\Wp\Logger; -use \Lsc\Wp\LSCMException; +use Lsc\Wp\WPInstallStorage; +use Lsc\Wp\Context\Context; +use Lsc\Wp\PluginVersion; +use Lsc\Wp\Logger; +use Lsc\Wp\LSCMException; class VersionManageViewModel { @@ -53,9 +54,10 @@ class VersionManageViewModel const ST_INSTALLS_DISCOVERED = 2; /** - * @deprecated 1.13.4.1 Added back as a deprecated constant after accidental - * removal in v1.13.4. Use - * self::ST_NO_NON_ERROR_INSTALLS_DISCOVERED instead. + * @deprecated 1.13.4.1 Added back as a deprecated constant after + * accidental removal in v1.13.4. Use + * self::ST_NO_NON_ERROR_INSTALLS_DISCOVERED instead. + * * @var int */ const ST_NO_INSTALLS_DISCOVERED = 1; @@ -82,8 +84,9 @@ class VersionManageViewModel /** * - * @param WPInstallStorage $wpInstallStorage - * @throws LSCMException Thrown indirectly. + * @param WPInstallStorage $wpInstallStorage + * + * @throws LSCMException Thrown indirectly by $this->init() call. */ public function __construct( WPInstallStorage $wpInstallStorage ) { @@ -94,7 +97,11 @@ public function __construct( WPInstallStorage $wpInstallStorage ) /** * - * @throws LSCMException Thrown indirectly. + * @throws LSCMException Thrown indirectly by $this->setIconPath() call. + * @throws LSCMException Thrown indirectly by $this->setActiveVerData() + * call. + * @throws LSCMException Thrown indirectly by $this->setVerListData() call. + * @throws LSCMException Thrown indirectly by $this->setMsgData() call. */ protected function init() { @@ -107,7 +114,8 @@ protected function init() /** * - * @param string $field + * @param string $field + * * @return null|boolean|string|string[] */ public function getTplData( $field ) @@ -120,31 +128,35 @@ public function getTplData( $field ) } + /** + * + * @throws LSCMException Thrown indirectly by Logger::debug() call. + */ protected function setIconPath() { $iconPath = ''; - try - { + try { $iconDir = Context::getOption()->getIconDir(); - $iconPath = "{$iconDir}/lscwpCurrentVersion.svg"; + $iconPath = "$iconDir/lscwpCurrentVersion.svg"; } - catch ( LSCMException $e ) - { + catch ( LSCMException $e ) { Logger::debug($e->getMessage() . ' Could not get icon directory.'); } $this->tplData[self::FLD_ICON] = $iconPath; } + /** + * + * @throws LSCMException Thrown indirectly by Logger::debug() call. + */ protected function setActiveVerData() { - try - { + try { $currVer = PluginVersion::getCurrentVersion(); } - catch ( LSCMException $e ) - { + catch ( LSCMException $e ) { Logger::debug( $e->getMessage() . ' Could not get active LSCWP version.' ); @@ -174,7 +186,9 @@ protected function setStateData() /** * - * @throws LSCMException Thrown indirectly. + * @throws LSCMException Thrown indirectly by PluginVersion::getInstance() + * call. + * @throws LSCMException Thrown indirectly by Logger::debug() call. */ protected function setVerListData() { @@ -198,11 +212,21 @@ protected function setVerListData() $this->tplData[self::FLD_ALLOWED_VER_LIST] = $allowedList; } + /** + * + * @throws LSCMException Thrown indirectly by Logger::getUiMsgs() call. + */ protected function setMsgData() { $this->tplData[self::FLD_ERR_MSGS] = Logger::getUiMsgs(Logger::UI_ERR); } + /** + * + * @return string + * + * @throws LSCMException Thrown indirectly by Context::getOption() call. + */ public function getTpl() { return Context::getOption()->getSharedTplDir() . '/VersionManage.tpl'; diff --git a/dist/add-ons/webcachemgr/src/View/Tpl/VersionManage.tpl b/dist/add-ons/webcachemgr/src/View/Tpl/VersionManage.tpl index 59bd5f528..6babdb523 100644 --- a/dist/add-ons/webcachemgr/src/View/Tpl/VersionManage.tpl +++ b/dist/add-ons/webcachemgr/src/View/Tpl/VersionManage.tpl @@ -3,8 +3,9 @@ viewModel->getTplData(ViewModel::FLD_ICON); $activeVer = $this->viewModel->getTplData(ViewModel::FLD_ACTIVE_VER); $verList = $this->viewModel->getTplData(ViewModel::FLD_VERSION_LIST); @@ -37,7 +38,7 @@ $this->loadTplBlock('SectionTitle.tpl', $d);

- [Feature Disabled] Unable to find/retrieve LSCWP version list. + [Feature Disabled] Unable to find/retrieve valid LSCWP version list.

@@ -60,7 +61,12 @@ $this->loadTplBlock('SectionTitle.tpl', $d); - New Active Version + - @@ -133,7 +142,7 @@ if ( $state == ViewModel::ST_SCAN_NEEDED ):

- [Feature Disabled] Unable to find/retrieve LSCWP version list. + [Feature Disabled] Unable to find/retrieve valid LSCWP version list.

@@ -153,13 +162,23 @@ if ( $state == ViewModel::ST_SCAN_NEEDED ): - - + - - diff --git a/dist/add-ons/webcachemgr/src/WPInstallStorage.php b/dist/add-ons/webcachemgr/src/WPInstallStorage.php index 5d30af860..207853438 100644 --- a/dist/add-ons/webcachemgr/src/WPInstallStorage.php +++ b/dist/add-ons/webcachemgr/src/WPInstallStorage.php @@ -3,8 +3,8 @@ /** ********************************************* * LiteSpeed Web Server Cache Manager * - * @author LiteSpeed Technologies, Inc. (https://www.litespeedtech.com) - * @copyright (c) 2018-2022 + * @author Michael Alegre + * @copyright (c) 2018-2022 LiteSpeed Technologies, Inc. * ******************************************* */ @@ -36,6 +36,12 @@ class WPInstallStorage */ const CMD_DISCOVER_NEW = 'discoverNew'; + /** + * @since 1.14 + * @var string + */ + const CMD_DISCOVER_NEW_AND_ENABLE = 'discoverNewAndEnable'; + /** * @since 1.13.3 * @var string @@ -126,9 +132,10 @@ class WPInstallStorage /** * - * @param string $dataFile - * @param string $custDataFile - * @throws LSCMException Thrown indirectly. + * @param string $dataFile + * @param string $custDataFile + * + * @throws LSCMException Thrown indirectly by $this->init() call. */ public function __construct( $dataFile, $custDataFile = '' ) { @@ -140,7 +147,8 @@ public function __construct( $dataFile, $custDataFile = '' ) /** * * @return int - * @throws LSCMException Thrown indirectly. + * + * @throws LSCMException Thrown indirectly by Logger::debug() call. */ protected function init() { @@ -174,9 +182,14 @@ protected function init() /** * - * @param string $dataFile + * @param string $dataFile + * * @return WPInstall[] - * @throws LSCMException Thrown indirectly. + * + * @throws LSCMException Thrown when data file is corrupt. + * @throws LSCMException Thrown when there is a data file version issue. + * @throws LSCMException Thrown indirectly by $this->verifyDataFileVer() + * call. */ protected function getDataFileData( $dataFile ) { @@ -234,7 +247,8 @@ public function getError() /** * - * @param bool $nonFatalOnly + * @param bool $nonFatalOnly + * * @return int */ public function getCount( $nonFatalOnly = false ) @@ -338,7 +352,8 @@ public function getPaths() /** * - * @param string $path + * @param string $path + * * @return WPInstall|null */ public function getWPInstall( $path ) @@ -371,7 +386,7 @@ public function getWorkingQueue() /** * - * @param WPInstall $wpInstall + * @param WPInstall $wpInstall */ public function addWPInstall( WPInstall $wpInstall ) { @@ -380,7 +395,8 @@ public function addWPInstall( WPInstall $wpInstall ) /** * - * @throws LSCMException Thrown indirectly. + * @throws LSCMException Thrown indirectly by $this->saveDataFile() call. + * @throws LSCMException Thrown indirectly by $this->saveDataFile() call. */ public function syncToDisk() { @@ -393,9 +409,10 @@ public function syncToDisk() /** * - * @param string $dataFile - * @param WPInstall[] $wpInstalls - * @throws LSCMException Thrown indirectly. + * @param string $dataFile + * @param WPInstall[]|null $wpInstalls + * + * @throws LSCMException Thrown indirectly by $this->log() call. */ protected function saveDataFile( $dataFile, $wpInstalls ) { @@ -421,8 +438,7 @@ protected function saveDataFile( $dataFile, $wpInstalls ) ksort($data); } - $file_str = json_encode($data); - file_put_contents($dataFile, $file_str, LOCK_EX); + file_put_contents($dataFile, json_encode($data), LOCK_EX); chmod($dataFile, 0600); $this->log("Data file saved $dataFile", Logger::L_DEBUG); @@ -430,10 +446,13 @@ protected function saveDataFile( $dataFile, $wpInstalls ) /** * - * @param string $dataFile - * @param string $dataFileVer + * @param string $dataFile + * @param string $dataFileVer + * * @return int - * @throws LSCMException Thrown indirectly. + * + * @throws LSCMException Thrown indirectly by Logger::info() call. + * @throws LSCMException Thrown indirectly by $this->updateDataFile() call. */ protected function verifyDataFileVer( $dataFile, $dataFileVer ) { @@ -456,10 +475,14 @@ protected function verifyDataFileVer( $dataFile, $dataFileVer ) /** * - * @param string $dataFile - * @param string $dataFileVer + * @param string $dataFile + * @param string $dataFileVer + * * @return bool - * @throws LSCMException Thrown indirectly. + * + * @throws LSCMException Thrown indirectly by Logger::info() call. + * @throws LSCMException Thrown indirectly by Util::createBackup() call. + * @throws LSCMException Thrown indirectly by Logger::error() call. */ public static function updateDataFile( $dataFile, $dataFileVer ) { @@ -493,13 +516,17 @@ public static function updateDataFile( $dataFile, $dataFileVer ) /** * - * @param string $action + * @param string $action + * * @return string[] - * @throws LSCMException Thrown indirectly. + * + * @throws LSCMException Thrown when "get docroots" command fails. + * @throws LSCMException Thrown when $action value is unsupported. */ protected function prepareActionItems( $action ) { switch ($action) { + case self::CMD_SCAN: case self::CMD_SCAN2: case self::CMD_DISCOVER_NEW: @@ -524,6 +551,7 @@ protected function prepareActionItems( $action ) case UserCommand::CMD_MASS_DASH_DISABLE: case self::CMD_MASS_UNFLAG: return $this->getPaths(); + default: throw new LSCMException('Missing parameter(s).'); } @@ -531,12 +559,35 @@ protected function prepareActionItems( $action ) /** * - * @param string $action - * @param string $path - * @param string[] $extraArgs - * @throws LSCMException Thrown indirectly. + * @param string $action + * @param string $path + * @param string[] $extraArgs + * + * @throws LSCMException Thrown when an invalid LSCWP version is selected + * in action UserCommand::CMD_MASS_UPGRADE. + * @throws LSCMException Thrown when LSCWP version fails to download in + * action UserCommand::CMD_MASS_UPGRADE. + * @throws LSCMException Thrown when LSCWP source package is not available + * in action UserCommand::CMD_MASS_UPGRADE. + * @throws LSCMException Thrown indirectly by $wpInstall->hasValidPath() + * call. + * @throws LSCMException Thrown indirectly by $wpInstall->addUserFlagFile() + * call. + * @throws LSCMException Thrown indirectly by $wpInstall->hasValidPath() + * call. + * @throws LSCMException Thrown indirectly by $wpInstall->refreshStatus() + * call. + * @throws LSCMException Thrown indirectly by $wpInstall->addUserFlagFile() + * call. + * @throws LSCMException Thrown indirectly by PluginVersion::getInstance() + * call. + * @throws LSCMException Thrown indirectly by + * PluginVersion::getInstance()->getAllowedVersions() call. + * @throws LSCMException Thrown indirectly by UserCommand::issue() call. + * @throws LSCMException Thrown indirectly by $this->syncToDisk() call. + * @throws LSCMException Thrown indirectly by $this->syncToDisk() call. */ - protected function doWPInstallAction( $action, $path, $extraArgs ) + protected function doWPInstallAction( $action, $path, array $extraArgs ) { if ( ($wpInstall = $this->getWPInstall($path)) == null ) { $wpInstall = new WPInstall($path); @@ -654,20 +705,40 @@ protected function doWPInstallAction( $action, $path, $extraArgs ) /** * - * @param string $action - * @param null|string[] $list - * @param string[]|string[][] $extraArgs + * @param string $action + * @param null|string[] $list + * @param string[]|string[][] $extraArgs + * * @return string[] - * @throws LSCMException Thrown indirectly. + * + * @throws LSCMException Thrown indirectly by $this->prepareActionItems() + * call. + * @throws LSCMException Thrown indirectly by $this->log() call. + * @throws LSCMException Thrown indirectly by Context::getActionTimeout() + * call. + * @throws LSCMException Thrown indirectly by $this->scan() call. + * @throws LSCMException Thrown indirectly by $this->addNewWPInstall() + * call. + * @throws LSCMException Thrown indirectly by + * $this->addCustomInstallations() call. + * @throws LSCMException Thrown indirectly by + * PluginVersion::getCurrentVersion() call. + * @throws LSCMException Thrown indirectly by PluginVersion::getInstance() + * call. + * @throws LSCMException Thrown indirectly by + * PluginVersion::getInstance()->setActiveVersion() call. + * @throws LSCMException Thrown indirectly by $this->doWPInstallAction() + * call. + * @throws LSCMException Thrown indirectly by $this->syncToDisk() call. */ - public function doAction( $action, $list, $extraArgs = array() ) + public function doAction( $action, $list, array $extraArgs = array() ) { if ( $list === null ) { $list = $this->prepareActionItems($action); } $count = count($list); - $this->log("doAction {$action} for {$count} items", Logger::L_VERBOSE); + $this->log("doAction $action for $count items", Logger::L_VERBOSE); $endTime = $count > 1 ? Context::getActionTimeout() : 0; $finishedList = array(); @@ -704,9 +775,7 @@ public function doAction( $action, $list, $extraArgs = array() ) break; case self::CMD_ADD_CUST_WPINSTALLS: - $wpInstallsInfo = $extraArgs[0]; - - $this->addCustomInstallations($wpInstallsInfo); + $this->addCustomInstallations($extraArgs[0]); break; default: @@ -717,8 +786,9 @@ public function doAction( $action, $list, $extraArgs = array() ) /** * Ensure that current version is locally downloaded. */ - $currVer = PluginVersion::getCurrentVersion(); - PluginVersion::getInstance()->setActiveVersion($currVer); + PluginVersion::getInstance() + ->setActiveVersion(PluginVersion::getCurrentVersion()) + ; } foreach ( $list as $path ) { @@ -749,16 +819,24 @@ public function doAction( $action, $list, $extraArgs = array() ) * * @deprecated 1.13.3 Use $this->scan2() instead. * - * @param string $docroot - * @param bool $forceRefresh + * @param string $docroot + * @param bool $forceRefresh + * * @return void - * @throws LSCMException Thrown indirectly. + * + * @throws LSCMException Thrown indirectly by Context::getScanDepth() call. + * @throws LSCMException Thrown indirectly by $this->log() call. + * @throws LSCMException Thrown indirectly by $this->log() call. + * @throws LSCMException Thrown indirectly by $this->log() call. + * @throws LSCMException Thrown indirectly by + * $this->wpInstalls[$wp_path]->refreshStatus() call. */ protected function scan( $docroot, $forceRefresh = false ) { - $depth = Context::getScanDepth(); - $cmd = "find -L $docroot -maxdepth $depth -name wp-admin -print"; - $directories = shell_exec($cmd); + $directories = shell_exec( + "find -L $docroot -maxdepth " . Context::getScanDepth() + . ' -name wp-admin -print' + ); /** * Example: @@ -820,15 +898,18 @@ protected function scan( $docroot, $forceRefresh = false ) * * @since 1.13.3 * - * @param string $docroot + * @param string $docroot + * * @return string[] - * @throws LSCMException Thrown indirectly. + * + * @throws LSCMException Thrown indirectly by Context::getScanDepth() call. */ public function scan2( $docroot ) { - $depth = Context::getScanDepth(); - $cmd = "find -L $docroot -maxdepth $depth -name wp-admin -print"; - $directories = shell_exec($cmd); + $directories = shell_exec( + "find -L $docroot -maxdepth " . Context::getScanDepth() + .' -name wp-admin -print' + ); /** * Example: @@ -852,8 +933,7 @@ public function scan2( $docroot ) $wpPaths = array(); foreach ( $matches[1] as $path ) { - $wpPath = realpath($docroot . $path); - $wpPaths[] = $wpPath; + $wpPaths[] = realpath($docroot . $path); } return $wpPaths; @@ -861,13 +941,18 @@ public function scan2( $docroot ) /** * Add a new WPInstall object to WPInstallStorage's $wpInstalls[] given a - * path to a WordPress installation and refresh it's status . If a WPInstall - * object already exists for the given path, refresh it's status. + * path to a WordPress installation and refresh its status. If a WPInstall + * object already exists for the given path, refresh its status. * * @since 1.13.3 * - * @param string $wpPath - * @throws LSCMException Thrown indirectly. + * @param string $wpPath + * + * @throws LSCMException Thrown indirectly by $this->log() call. + * @throws LSCMException Thrown indirectly by $this->log() call. + * @throws LSCMException Thrown indirectly by $this->log() call. + * @throws LSCMException Thrown indirectly by + * $this->wpInstalls[$wpPath]->refreshStatus() call. */ protected function addNewWPInstall( $wpPath ) { @@ -879,8 +964,8 @@ protected function addNewWPInstall( $wpPath ) $this->wpInstalls[$wpPath] = new WPInstall($wpPath); $this->log("New installation found: $wpPath", Logger::L_INFO); - if ( $this->custWpInstalls != null && - isset($this->custWpInstalls[$wpPath]) ) { + if ( $this->custWpInstalls != null + && isset($this->custWpInstalls[$wpPath]) ) { unset($this->custWpInstalls[$wpPath]); @@ -903,11 +988,20 @@ protected function addNewWPInstall( $wpPath ) /** * - * @param string[] $wpInstallsInfo + * @param string[] $wpInstallsInfo + * * @return void - * @throws LSCMException Thrown indirectly. + * + * @throws LSCMException Thrown indirectly by $this->log() call. + * @throws LSCMException Thrown indirectly by $this->log() call. + * @throws LSCMException Thrown indirectly by $this->log() call. + * @throws LSCMException Thrown indirectly by $this->log() call. + * @throws LSCMException Thrown indirectly by + * $this->custWpInstalls[$wpPath]->refreshStatus() call. + * @throws LSCMException Thrown indirectly by $this->log() call. + * @throws LSCMException Thrown indirectly by $this->log() call. */ - protected function addCustomInstallations( $wpInstallsInfo ) + protected function addCustomInstallations( array $wpInstallsInfo ) { if ( $this->customDataFile == '' ) { $this->log( @@ -925,8 +1019,7 @@ protected function addCustomInstallations( $wpInstallsInfo ) $count = count($wpInstallsInfo); for ( $i = 0; $i < $count; $i++ ) { - $infoString = $wpInstallsInfo[$i]; - $info = preg_split('/\s+/', trim($infoString)); + $info = preg_split('/\s+/', trim($wpInstallsInfo[$i])); $line = $i + 1; @@ -941,9 +1034,6 @@ protected function addCustomInstallations( $wpInstallsInfo ) } $wpPath = $info[0]; - $docroot = $info[1]; - $serverName = $info[2]; - $siteUrl = $info[3]; if ( !file_exists("$wpPath/wp-admin") ) { $this->log( @@ -955,6 +1045,8 @@ protected function addCustomInstallations( $wpInstallsInfo ) continue; } + $docroot = $info[1]; + if ( !(substr($wpPath, 0, strlen($docroot)) === $docroot) ) { $this->log( "docroot not contained in $wpPath on line $line. " @@ -968,8 +1060,8 @@ protected function addCustomInstallations( $wpInstallsInfo ) if ( !isset($this->wpInstalls[$wpPath]) ) { $this->custWpInstalls[$wpPath] = new WPInstall($wpPath); $this->custWpInstalls[$wpPath]->setDocRoot($docroot); - $this->custWpInstalls[$wpPath]->setServerName($serverName); - $this->custWpInstalls[$wpPath]->setSiteUrlDirect($siteUrl); + $this->custWpInstalls[$wpPath]->setServerName($info[2]); + $this->custWpInstalls[$wpPath]->setSiteUrlDirect($info[3]); $this->custWpInstalls[$wpPath]->refreshStatus(); $this->log( @@ -1022,13 +1114,19 @@ public function getAllCmdMsgs() /** * - * @param string $msg - * @param int $level - * @throws LSCMException Thrown indirectly. + * @param string $msg + * @param int $level + * + * @throws LSCMException Thrown indirectly by Logger::error() call. + * @throws LSCMException Thrown indirectly by Logger::warn() call. + * @throws LSCMException Thrown indirectly by Logger::notice() call. + * @throws LSCMException Thrown indirectly by Logger::info() call. + * @throws LSCMException Thrown indirectly by Logger::verbose() call. + * @throws LSCMException Thrown indirectly by Logger::debug() call. */ protected function log( $msg, $level ) { - $msg = "WPInstallStorage - {$msg}"; + $msg = "WPInstallStorage - $msg"; switch ($level) { diff --git a/dist/admin/html.open/lib/CAuthorizer.php b/dist/admin/html.open/lib/CAuthorizer.php index ad5c67b6d..4020534a8 100644 --- a/dist/admin/html.open/lib/CAuthorizer.php +++ b/dist/admin/html.open/lib/CAuthorizer.php @@ -82,7 +82,17 @@ public static function Authorize() public function IsValid() { - return !( ($_SESSION['valid'] !== true) || (isset($_SERVER['HTTP_REFERER']) && strpos($_SERVER['HTTP_REFERER'], $_SERVER['HTTP_HOST']) === false)); + if ($_SESSION['valid'] !== true) { + return false; + } + // otherwise enforce referrer exists + if (!isset($_SERVER['HTTP_REFERER'])) { + return false; + } + if (strpos($_SERVER['HTTP_REFERER'], $_SERVER['HTTP_HOST']) === false) { + return false; + } + return true; } public static function GetToken() diff --git a/dist/admin/html.open/lib/CNode.php b/dist/admin/html.open/lib/CNode.php index 707836c91..615872418 100644 --- a/dist/admin/html.open/lib/CNode.php +++ b/dist/admin/html.open/lib/CNode.php @@ -243,9 +243,15 @@ public function EndBlock(&$cur_comment) { if ($this->_raw_tag != '') { $this->_raw_content .= $cur_comment; - if ($this->_raw_content != '') { - $child = new CNode($this->_raw_tag, $this->_raw_content, self::T_KV | self::T_RAW); - $this->AddChild($child); + if (trim($this->_raw_content) != '') { + $child = $this->GetChildren($this->_raw_tag); + if ($child != null) { + // append to existing + $child->_v .= "\n" . $this->_raw_content; + } else { + $child = new CNode($this->_raw_tag, $this->_raw_content, self::T_KV | self::T_RAW); + $this->AddChild($child); + } } else { // backward compatible, mark existing node to raw $child = $this->GetChildren($this->_raw_tag); diff --git a/dist/admin/html.open/lib/CValidation.php b/dist/admin/html.open/lib/CValidation.php index 20b76fd7f..c336895e2 100644 --- a/dist/admin/html.open/lib/CValidation.php +++ b/dist/admin/html.open/lib/CValidation.php @@ -562,7 +562,7 @@ protected function check_cmd_invalid_str($cmd) { // check if it's allowed command, do not allow ' " -c -i /dev/tcp bash sh csh tcsh ksh zsh $cmd = str_replace('.', 'a', $cmd); // replace . with char before pattern check - $pattern = '#("|\'|;|-c|-i|/dev/tcp|\Wbash\W|\Wsh\W|\Wcsh\W|\Wtcsh\W|\Wzsh\W|\Wksh\W)#'; + $pattern = '#("|\'|;|-c|-i|/dev/tcp|curl|wget|fetch|\Wbash\W|\Wsh\W|\Wcsh\W|\Wtcsh\W|\Wzsh\W|\Wksh\W)#'; if (preg_match($pattern, $cmd, $m)) { return $m[0]; diff --git a/dist/admin/html.open/lib/ControllerBase.php b/dist/admin/html.open/lib/ControllerBase.php index 39af2f2be..6f2fc427a 100644 --- a/dist/admin/html.open/lib/ControllerBase.php +++ b/dist/admin/html.open/lib/ControllerBase.php @@ -62,6 +62,15 @@ public static function HasChanged() return (isset($_SESSION['changed']) ? $_SESSION['changed'] : false); } + public static function getServerLoad() + { + $avgload = \sys_getloadavg(); + if ($avgload === false) { + return 'N/A'; + } + return implode(', ', array_map(function($load) { return round($load, 3); }, $avgload)); + } + protected function setChanged($changed) { $_SESSION['changed'] = $changed; diff --git a/dist/admin/html.open/lib/DAttrBase.php b/dist/admin/html.open/lib/DAttrBase.php index 8a5ee08fc..a2e8f1836 100644 --- a/dist/admin/html.open/lib/DAttrBase.php +++ b/dist/admin/html.open/lib/DAttrBase.php @@ -299,7 +299,7 @@ public function toHtml($pnode, $refUrl = null) } } else { - $o .= $this->toHtmlContent($node, $refUrl); + $o .= $this->toHtmlContent($node, $refUrl); } return $o; } diff --git a/dist/admin/html.open/lib/DInfo.php b/dist/admin/html.open/lib/DInfo.php index 3436bc74d..8afdb8264 100644 --- a/dist/admin/html.open/lib/DInfo.php +++ b/dist/admin/html.open/lib/DInfo.php @@ -434,71 +434,9 @@ public function SwitchToSubTid($extracted) public function GetDerivedSelOptions($tid, $loc, $node) { - $o = []; if (substr($loc, 0, 13) == 'extprocessor:') { - $type = substr($loc, 13); - if ($type == '$$type') { - if ($node != null) { - $type = $node->GetChildVal('type'); - } - if ($type == null) { // default - $type = 'fcgi'; - } - } - if ($type == 'cgi') { - $o['cgi'] = 'CGI Daemon'; - return $o; - } - if ($type == 'module') { - $modules = $this->_servData->GetChildrenValues('module'); - if ($modules != null) { - foreach ($modules as $mn) { - $o[$mn] = $mn; - } - } - return $o; - } - - $exps = []; - if (($servexps = $this->_servData->GetRootNode()->GetChildren('extprocessor')) != null) { - if (is_array($servexps)) { - foreach ($servexps as $exname => $ex) { - if ($ex->GetChildVal('type') == $type) { - $exps[] = $exname; - } - } - } - elseif ($servexps->GetChildVal('type') == $type) { - $exps[] = $servexps->Get(CNode::FLD_VAL); - } - } - - if ($this->_view == DInfo::CT_SERV) { - foreach ($exps as $exname) { - $o[$exname] = $exname; - } - return $o; - } - foreach ($exps as $exname) { - $o[$exname] = '[' . DMsg::UIStr('note_serv_level') . "]: $exname"; - } - - $loc = ($this->_view == DInfo::CT_TP) ? 'virtualHostConfig:extprocessor' : 'extprocessor'; - if (($vhexps = $this->_confData->GetRootNode()->GetChildren($loc)) != null) { - if (is_array($vhexps)) { - foreach ($vhexps as $exname => $ex) { - if ($ex->GetChildVal('type') == $type) { - $o[$exname] = "[VHost Level]: $exname"; - } - } - } - elseif ($vhexps->GetChildVal('type') == $type) { - $exname = $vhexps->Get(CNode::FLD_VAL); - $o[$exname] = '[' . DMsg::UIStr('note_vh_level') . "]: $exname"; - } - } - return $o; + return $this->getDerivedSelOptions_extprocessor($tid, $loc, $node); } if (in_array($loc, ['virtualhost', 'listener', 'module'])) { @@ -511,6 +449,7 @@ public function GetDerivedSelOptions($tid, $loc, $node) } sort($names); + $o = []; foreach ($names as $name) { $o[$name] = $name; } @@ -518,6 +457,76 @@ public function GetDerivedSelOptions($tid, $loc, $node) return $o; } + protected function getDerivedSelOptions_extprocessor($tid, $loc, $node) + { + $o = []; + // substr($loc, 0, 13) == 'extprocessor:') + $type = substr($loc, 13); + if ($type == '$$type') { + if ($node != null) { + $type = $node->GetChildVal('type'); + } + if ($type == null) { // default + $type = 'fcgi'; + } + } + if ($type == 'cgi') { + $o['cgi'] = 'CGI Daemon'; + return $o; + } + if ($type == 'module') { + $modules = $this->_servData->GetChildrenValues('module'); + if ($modules != null) { + foreach ($modules as $mn) { + $o[$mn] = $mn; + } + } + return $o; + } + + $exps = []; + if (($servexps = $this->_servData->GetRootNode()->GetChildren('extprocessor')) != null) { + if (is_array($servexps)) { + foreach ($servexps as $exname => $ex) { + if ($ex->GetChildVal('type') == $type) { + $exps[] = $exname; + } + } + } + elseif ($servexps->GetChildVal('type') == $type) { + $exps[] = $servexps->Get(CNode::FLD_VAL); + } + } + + if ($this->_view == DInfo::CT_SERV) { + foreach ($exps as $exname) { + $o[$exname] = $exname; + } + return $o; + } + + foreach ($exps as $exname) { + $o[$exname] = '[' . DMsg::UIStr('note_serv_level') . "]: $exname"; + } + + $loc = ($this->_view == DInfo::CT_TP) ? 'virtualHostConfig:extprocessor' : 'extprocessor'; + if (($vhexps = $this->_confData->GetRootNode()->GetChildren($loc)) != null) { + if (is_array($vhexps)) { + foreach ($vhexps as $exname => $ex) { + if ($ex->GetChildVal('type') == $type) { + $o[$exname] = '[' . DMsg::UIStr('note_vh_level') . "]: $exname"; + } + } + } + elseif ($vhexps->GetChildVal('type') == $type) { + $exname = $vhexps->Get(CNode::FLD_VAL); + $o[$exname] = '[' . DMsg::UIStr('note_vh_level') . "]: $exname"; + $o[$n[0]] = $n[1]; + } + } + return $o; + } + public function GetVHRoot() { // type = 'SR', 'VR' diff --git a/dist/admin/html.open/lib/DTbl.php b/dist/admin/html.open/lib/DTbl.php index 8da117f65..fb00a3d06 100644 --- a/dist/admin/html.open/lib/DTbl.php +++ b/dist/admin/html.open/lib/DTbl.php @@ -316,19 +316,21 @@ private function print_view($dlayer, $disp) $is_num = true; foreach ($dlayer as $key => $node) { $val = $node->GetChildVal($this->_sort_key); - if ($is_num && !is_numeric($val)) + if ($is_num && !is_numeric($val)) { $is_num = false; + } $sorted[$key] = $val; } $flag = $is_num ? SORT_NUMERIC : SORT_STRING; - if ($this->_sort_ascend == 1) + if ($this->_sort_ascend == 1) { asort($sorted, $flag); - else + } else { arsort($sorted, $flag); + } $keys = array_keys($sorted); - } else + } else { $keys = array_keys($dlayer); - + } $action_attr = null; foreach ($this->_dattrs as $attr) { if ($attr->_type == 'action') { @@ -411,10 +413,8 @@ private function get_print_line($node, $disp, $attr) if ($attr->_type == 'sel1' && $node != null && $node->GetChildVal($attr->GetKey()) != null) { $attr->SetDerivedSelOptions($disp->GetDerivedSelOptions($this->_id, $attr->_minVal, $node)); } - $buf = ''; if ($attr->_label) { - if ($is_blocked) { $buf .= ''; } - if ($this->_cols == 1) { - - //$buf .= '_cols == 1 && $attr->_label) { + $buf .= ''; // 1 col label, occupy its own tr + } + + $buf .= 'blockedVersion()) { $buf .= ' class="xtbl_value_blocked"'; } diff --git a/dist/admin/html.open/lib/DTblDefBase.php b/dist/admin/html.open/lib/DTblDefBase.php index 7b13121d6..5cabc62f7 100644 --- a/dist/admin/html.open/lib/DTblDefBase.php +++ b/dist/admin/html.open/lib/DTblDefBase.php @@ -1101,7 +1101,7 @@ protected function add_LVT_SSL_OCSP($id) self::NewTextAttr('ocspResponder', DMsg::ALbl('l_ocspresponder'), 'httpurl'), self::NewTextAttr('ocspCACerts', DMsg::ALbl('l_ocspcacerts'), 'cust'), ); - $this->_tblDef[$id] = DTbl::NewRegular($id, DMsg::ALbl('l_ocspstapling'), $attrs); + $this->_tblDef[$id] = DTbl::NewRegular($id, DMsg::ALbl('l_ocspstapling'), $attrs, 'sslOCSP'); } protected function add_T_TOP($id) diff --git a/dist/admin/html.open/res/lang/en-US_tips.php b/dist/admin/html.open/res/lang/en-US_tips.php index cf3440284..b7d56500c 100644 --- a/dist/admin/html.open/res/lang/en-US_tips.php +++ b/dist/admin/html.open/res/lang/en-US_tips.php @@ -146,9 +146,9 @@ $_tipsdb['brStaticCompressLevel'] = new DAttrHelp("Brotli Compression Level (Static File)", 'Specifies the level of Brotli compression applied to static files. Ranges from 0 (disabled) to 11 (highest).

When set to 0, brotli compression will be disabled globally.

Default value: 5', ' Save network bandwidth. Text-based responses such as html, css, and javascript files benefit the most and on average can be compressed to half of their original size.', 'Number between 0 and 11.', ''); -$_tipsdb['bubbleWrap'] = new DAttrHelp("Bubblewrap Container", 'Set to On if you wish to start CGI processes (including PHP programs) in a bubblewrap sandbox. See https://wiki.archlinux.org/index.php/Bubblewrap for details on using bubblewrap. Bubblewrap must be installed on your system prior to using this setting.

This setting cannot be turned on at the Virtual Host level if set to "Disabled" at the Server level.

Default values:
Server level: Disabled
VH level: Inherit Server level setting', '', 'Select from drop down list', ''); +$_tipsdb['bubbleWrap'] = new DAttrHelp("Bubblewrap Container", 'Set to On if you wish to start CGI processes (including PHP programs) in a bubblewrap sandbox. See https://wiki.archlinux.org/title/Bubblewrap for details on using bubblewrap. Bubblewrap must be installed on your system prior to using this setting.

This setting cannot be turned on at the Virtual Host level if set to "Disabled" at the Server level.

Default values:
Server level: Disabled
VH level: Inherit Server level setting', '', 'Select from drop down list', ''); -$_tipsdb['bubbleWrapCmd'] = new DAttrHelp("Bubblewrap Command", 'The full bubblewrap use command, including the bubblewrap program itself. More on configuring this command can be found here: https://openlitespeed.org/kb/bubblewrap-in-openlitespeed/ . If not specified, the default command listed below will be used.

Default value: /bin/bwrap --ro-bind /usr /usr --ro-bind /lib /lib --ro-bind-try /lib64 /lib64 --ro-bind /bin /bin --ro-bind /sbin /sbin --dir /var --dir /tmp --proc /proc --symlink ../tmp var/tmp --dev /dev --ro-bind-try /etc/localtime /etc/localtime --ro-bind-try /etc/ld.so.cache /etc/ld.so.cache --ro-bind-try /etc/resolv.conf /etc/resolv.conf --ro-bind-try /etc/ssl /etc/ssl --ro-bind-try /etc/pki /etc/pki --ro-bind-try /etc/man_db.conf /etc/man_db.conf --ro-bind-try /home/$USER /home/$USER --bind-try /var/lib/mysql/mysql.sock /var/lib/mysql/mysql.sock --bind-try /home/mysql/mysql.sock /home/mysql/mysql.sock --bind-try /tmp/mysql.sock /tmp/mysql.sock --unshare-all --share-net --die-with-parent --dir /run/user/$UID ‘$PASSWD 65534’ ‘$GROUP 65534’', '', '', ''); +$_tipsdb['bubbleWrapCmd'] = new DAttrHelp("Bubblewrap Command", 'The full bubblewrap use command, including the bubblewrap program itself. More on configuring this command can be found here: https://openlitespeed.org/kb/bubblewrap-in-openlitespeed/ . If not specified, the default command listed below will be used.

Default value: /bin/bwrap --ro-bind /usr /usr --ro-bind /lib /lib --ro-bind-try /lib64 /lib64 --ro-bind /bin /bin --ro-bind /sbin /sbin --dir /var --dir /tmp --proc /proc --symlink ../tmp var/tmp --dev /dev --ro-bind-try /etc/localtime /etc/localtime --ro-bind-try /etc/ld.so.cache /etc/ld.so.cache --ro-bind-try /etc/resolv.conf /etc/resolv.conf --ro-bind-try /etc/ssl /etc/ssl --ro-bind-try /etc/pki /etc/pki --ro-bind-try /etc/man_db.conf /etc/man_db.conf --ro-bind-try /home/$USER /home/$USER --bind-try /var/lib/mysql/mysql.sock /var/lib/mysql/mysql.sock --bind-try /home/mysql/mysql.sock /home/mysql/mysql.sock --bind-try /tmp/mysql.sock /tmp/mysql.sock --unshare-all --share-net --die-with-parent --dir /run/user/$UID ‘$PASSWD 65534’ ‘$GROUP 65534’', '', '', ''); $_tipsdb['certChain'] = new DAttrHelp("Chained Certificate", 'Specifies whether the certificate is a chained certificate or not. The file that stores a certificate chain must be in PEM format, and the certificates must be in the chained order, from the lowest level (the actual client or server certificate) to the highest level (root) CA.', '', 'Select from radio box', ''); @@ -218,7 +218,7 @@ $_tipsdb['enableIpGeo'] = new DAttrHelp("Enable GeoLocation Lookup", ' Specifies whether to enable/disable IP Geolocation lookup. Can be set at server, virtual host, or context level. IP Geolocation is disabled by default when using value "Not Set".', '', 'Select from radio box', ''); -$_tipsdb['enableLVE'] = new DAttrHelp("Cloud-Linux", 'Specifies whether to enable CloudLinux's Lightweight Virtual Environment (LVE) when it exists. You can use LiteSpeed with LVE to achieve better resource management. For more information, please check http://www.cloudlinux.com.', '', 'Select from drop down list', ''); +$_tipsdb['enableLVE'] = new DAttrHelp("Cloud-Linux", 'Specifies whether to enable CloudLinux's Lightweight Virtual Environment (LVE) when it exists. You can use LiteSpeed with LVE to achieve better resource management. For more information, please check http://www.cloudlinux.com.', '', 'Select from drop down list', ''); $_tipsdb['enableRecaptcha'] = new DAttrHelp("Enable reCAPTCHA", 'Enable the reCAPTCHA Protection feature at the current level. This setting must be set to Yes at the Server level before the reCAPTCHA Protection feature can be used.

Default values:
Server-level: Yes
VH-Level: Inherit Server level setting', '', 'Select from radio box', ''); @@ -258,7 +258,7 @@ $_tipsdb['extAppType'] = new DAttrHelp("Type", 'Specifies the type of external application. Application types are differentiated by the service they provide or the protocol they use to communicate with the server. Choose from ', 'Most applications will use either LSAPI or FastCGI protocol. LSAPI supports PHP, Ruby, and Python. Perl can be used with FastCGI. (PHP, Ruby, and Python can also be set up to run using FastCGI, but they run faster using LSAPI.) Java uses servlet engines.', 'Select from drop down list', ''); -$_tipsdb['extAuthorizer'] = new DAttrHelp("Authorizer", 'Specifies an external application that can be used to generate authorized/unauthorized decisions. Currently, only the FastCGI Authorizer is available. For more details about the FastCGI Authorizer role, please visit http://www.fastcgi.com.', '', 'Select from drop down list', ''); +$_tipsdb['extAuthorizer'] = new DAttrHelp("Authorizer", 'Specifies an external application that can be used to generate authorized/unauthorized decisions. Currently, only the FastCGI Authorizer is available. For more details about the FastCGI Authorizer role, please visit https://fastcgi-archives.github.io/ .', '', 'Select from drop down list', ''); $_tipsdb['extGroup'] = new DAttrHelp("Run As Group", 'The external application will run as this specified group name. If not set, Virtual Host level settings will be inherited.

Default value: Not Set', '', 'Valid group name.', ''); @@ -502,7 +502,7 @@ $_tipsdb['quicEnable'] = new DAttrHelp("Enable HTTP3/QUIC", 'Enables the HTTP3/QUIC network protocol server wide. Default value is Yes.', 'When this setting is set to Yes, HTTP3/QUIC can still be disabled at the listener level through the "Open HTTP3/QUIC (UDP) port" setting, or at the virtual host level through the "Enable HTTP3/QUIC" setting.', 'Select from radio box', ''); -$_tipsdb['quicEnableDPLPMTUD'] = new DAttrHelp("Enable DPLPMTUD", 'Enable Datagram Packetization Layer Path Maximum Transmission Unit Discovery (DPLPMTUD).

Background on DPLPMTUD (RFC 8899)

Default value: Yes', '', 'Select from radio box', ''); +$_tipsdb['quicEnableDPLPMTUD'] = new DAttrHelp("Enable DPLPMTUD", 'Enable Datagram Packetization Layer Path Maximum Transmission Unit Discovery (DPLPMTUD).

Background on DPLPMTUD (RFC 8899)

Default value: Yes', '', 'Select from radio box', ''); $_tipsdb['quicHandshakeTimeout'] = new DAttrHelp("Handshake Timeout", 'The time in seconds a new QUIC connection is given to complete its handshake, after which the connection is aborted. Default value is 10.', '', 'Integer number between 1 and 15', ''); @@ -586,7 +586,7 @@ $_tipsdb['rewriteMapName'] = new DAttrHelp("Name", 'Specifies a unique name for the rewrite map at the virtual host level. This name will be used by a mapping-reference in rewrite rules. When referencing this name, one of the following syntaxes should be used:
$\{MapName:LookupKey\}
$\{MapName:LookupKey|DefaultValue\}

The implementation of LiteSpeed's rewrite engine follows the specifications of Apache's rewrite engine. For more details about rewrite maps, please refer to Apache's mod_rewrite document.', '', 'string', ''); -$_tipsdb['rewriteRules'] = new DAttrHelp("Rewrite Rules", 'Specifies a list of rewrite rules at the virtual host level.

Do NOT add any document root level rewrite rules here. If you have any document root level rewrite rules from .htaccess, you should instead create a static context with uri "/" and add the rewrite rules there.

A rewrite rule is comprised of one RewriteRule directive and optionally preceded by multiple RewriteCond directives.
The implementation of LiteSpeed's rewrite engine follows Apache's rewrite engine specifications. For more details about rewrite rules, please refer to Apache's mod_rewrite document and Apache's URL rewriting guide .', '', 'string', ''); +$_tipsdb['rewriteRules'] = new DAttrHelp("Rewrite Rules", 'Specifies a list of rewrite rules at the virtual host level.

Do NOT add any document root level rewrite rules here. If you have any document root level rewrite rules from .htaccess, you should instead create a static context with uri "/" and add the rewrite rules there.

A rewrite rule is comprised of one RewriteRule directive and optionally preceded by multiple RewriteCond directives.
The implementation of LiteSpeed's rewrite engine follows Apache's rewrite engine specifications. For more details about rewrite rules, please refer to Apache's mod_rewrite document and Apache's URL rewriting guide .', '', 'string', ''); $_tipsdb['rubyBin'] = new DAttrHelp("Ruby Path", 'Path to Ruby executable. Generally, it is /usr/bin/ruby or /usr/local/bin/ruby depending on where Ruby has been installed to.', '', 'Absolute path', ''); @@ -628,7 +628,7 @@ $_tipsdb['sslEnableMultiCerts'] = new DAttrHelp("Enable Multiple SSL Certificates", 'Allows listeners/vhosts to set multiple SSL certificates. If multiple certificates are enabled, the certificates/keys are expected to follow a naming scheme. If the cert is named server.crt, other possible cert names are server.crt.rsa, server.crt.dsa, server.crt.ecc. If "Not Set", defaults to "No".', '', 'Select from radio box', ''); -$_tipsdb['sslOCSP'] = new DAttrHelp("OCSP Stapling", 'Online Certificate Status Protocol (OCSP) is a more efficient method of checking whether a digital certificate is valid. It works by communicating with another server — the OCSP responder — to get verification that the certificate is valid instead of checking through certificate revocation lists (CRL).

OCSP stapling is a further improvement on this protocol, allowing the server to check with the OCSP responder at regular intervals instead of every time a certificate is requested. See the OCSP Wikipedia page for more details.', '', '', ''); +$_tipsdb['sslOCSP'] = new DAttrHelp("OCSP Stapling", 'Online Certificate Status Protocol (OCSP) is a more efficient method of checking whether a digital certificate is valid. It works by communicating with another server — the OCSP responder — to get verification that the certificate is valid instead of checking through certificate revocation lists (CRL).

OCSP stapling is a further improvement on this protocol, allowing the server to check with the OCSP responder at regular intervals instead of every time a certificate is requested. See the OCSP Wikipedia page for more details.', '', '', ''); $_tipsdb['sslOcspProxy'] = new DAttrHelp("OCSP Proxy", 'Socket address used as the proxy server address for OCSP verification. Leave this setting unset If not using a proxy.

Default value: not set', '', 'Socket Address', ''); diff --git a/dist/admin/html.open/res/lang/ja-JP_tips.php b/dist/admin/html.open/res/lang/ja-JP_tips.php index 066ed5ff5..20d73152d 100644 --- a/dist/admin/html.open/res/lang/ja-JP_tips.php +++ b/dist/admin/html.open/res/lang/ja-JP_tips.php @@ -146,9 +146,9 @@ $_tipsdb['brStaticCompressLevel'] = new DAttrHelp("Brotli Compression Level (Static File)", 'Specifies the level of Brotli compression applied to static files. Ranges from 0 (disabled) to 11 (highest).

When set to 0, brotli compression will be disabled globally.

Default value: 5', ' Save network bandwidth. Text-based responses such as html, css, and javascript files benefit the most and on average can be compressed to half of their original size.', 'Number between 0 and 11.', ''); -$_tipsdb['bubbleWrap'] = new DAttrHelp("Bubblewrap Container", 'Set to On if you wish to start CGI processes (including PHP programs) in a bubblewrap sandbox. See https://wiki.archlinux.org/index.php/Bubblewrap for details on using bubblewrap. Bubblewrap must be installed on your system prior to using this setting.

This setting cannot be turned on at the Virtual Host level if set to "Disabled" at the Server level.

Default values:
Server level: Disabled
VH level: Inherit Server level setting', '', 'ドロップダウンリストから選択', ''); +$_tipsdb['bubbleWrap'] = new DAttrHelp("Bubblewrap Container", 'Set to On if you wish to start CGI processes (including PHP programs) in a bubblewrap sandbox. See https://wiki.archlinux.org/title/Bubblewrap for details on using bubblewrap. Bubblewrap must be installed on your system prior to using this setting.

This setting cannot be turned on at the Virtual Host level if set to "Disabled" at the Server level.

Default values:
Server level: Disabled
VH level: Inherit Server level setting', '', 'ドロップダウンリストから選択', ''); -$_tipsdb['bubbleWrapCmd'] = new DAttrHelp("Bubblewrap Command", 'The full bubblewrap use command, including the bubblewrap program itself. More on configuring this command can be found here: https://openlitespeed.org/kb/bubblewrap-in-openlitespeed/ . If not specified, the default command listed below will be used.

Default value: /bin/bwrap --ro-bind /usr /usr --ro-bind /lib /lib --ro-bind-try /lib64 /lib64 --ro-bind /bin /bin --ro-bind /sbin /sbin --dir /var --dir /tmp --proc /proc --symlink ../tmp var/tmp --dev /dev --ro-bind-try /etc/localtime /etc/localtime --ro-bind-try /etc/ld.so.cache /etc/ld.so.cache --ro-bind-try /etc/resolv.conf /etc/resolv.conf --ro-bind-try /etc/ssl /etc/ssl --ro-bind-try /etc/pki /etc/pki --ro-bind-try /etc/man_db.conf /etc/man_db.conf --ro-bind-try /home/$USER /home/$USER --bind-try /var/lib/mysql/mysql.sock /var/lib/mysql/mysql.sock --bind-try /home/mysql/mysql.sock /home/mysql/mysql.sock --bind-try /tmp/mysql.sock /tmp/mysql.sock --unshare-all --share-net --die-with-parent --dir /run/user/$UID ‘$PASSWD 65534’ ‘$GROUP 65534’', '', '', ''); +$_tipsdb['bubbleWrapCmd'] = new DAttrHelp("Bubblewrap Command", 'The full bubblewrap use command, including the bubblewrap program itself. More on configuring this command can be found here: https://openlitespeed.org/kb/bubblewrap-in-openlitespeed/ . If not specified, the default command listed below will be used.

Default value: /bin/bwrap --ro-bind /usr /usr --ro-bind /lib /lib --ro-bind-try /lib64 /lib64 --ro-bind /bin /bin --ro-bind /sbin /sbin --dir /var --dir /tmp --proc /proc --symlink ../tmp var/tmp --dev /dev --ro-bind-try /etc/localtime /etc/localtime --ro-bind-try /etc/ld.so.cache /etc/ld.so.cache --ro-bind-try /etc/resolv.conf /etc/resolv.conf --ro-bind-try /etc/ssl /etc/ssl --ro-bind-try /etc/pki /etc/pki --ro-bind-try /etc/man_db.conf /etc/man_db.conf --ro-bind-try /home/$USER /home/$USER --bind-try /var/lib/mysql/mysql.sock /var/lib/mysql/mysql.sock --bind-try /home/mysql/mysql.sock /home/mysql/mysql.sock --bind-try /tmp/mysql.sock /tmp/mysql.sock --unshare-all --share-net --die-with-parent --dir /run/user/$UID ‘$PASSWD 65534’ ‘$GROUP 65534’', '', '', ''); $_tipsdb['certChain'] = new DAttrHelp("チェーン証明書", '証明書がチェーン証明書であるかどうかを指定します。 チェーン証明を格納するファイルは、PEM形式でなければならず、証明書は最下位レベル(実際のクライアントまたはサーバー証明書)から最上位(ルート)CAまでの連鎖の順序でなければなりません。', '', 'ラジオボックスから選択', ''); @@ -218,7 +218,7 @@ $_tipsdb['enableIpGeo'] = new DAttrHelp("IPジオロケーションを有効にする", ' IPジオロケーション検索を有効/無効にするかどうかを指定します。 サーバ、バーチャルホスト、コンテキストレベルで設定できます。 値 「未設定」を使用すると、IPジオロケーションはデフォルトで無効になります。', '', 'ラジオボックスから選択', ''); -$_tipsdb['enableLVE'] = new DAttrHelp("Cloud-Linux", 'CloudLinuxの軽量バーチャル環境(LVE)が存在する場合に有効にするかどうかを指定します。 LiteSpeedをLVEと共に使用すると、より良いリソース管理を実現できます。 詳細については、http://www.cloudlinux.comを参照してください。', '', '選択', ''); +$_tipsdb['enableLVE'] = new DAttrHelp("Cloud-Linux", 'CloudLinuxの軽量バーチャル環境(LVE)が存在する場合に有効にするかどうかを指定します。 LiteSpeedをLVEと共に使用すると、より良いリソース管理を実現できます。 詳細については、http://www.cloudlinux.comを参照してください。', '', '選択', ''); $_tipsdb['enableRecaptcha'] = new DAttrHelp("Enable reCAPTCHA", 'Enable the reCAPTCHA Protection feature at the current level. This setting must be set to Yes at the Server level before the reCAPTCHA Protection feature can be used.

Default values:
Server-level: Yes
VH-Level: Inherit Server level setting', '', 'ラジオボックスから選択', ''); @@ -226,7 +226,7 @@ $_tipsdb['enableScript'] = new DAttrHelp("スクリプトを有効にする", 'このバーチャルホストでスクリプティング(非静的ページ)を許可するかどうかを指定します。 無効にすると、CGI、FastCGI、LSAPI、サーブレットエンジン、その他のスクリプト言語はこのバーチャルホストでは許可されません。 このため、スクリプトハンドラを使用する場合は、スクリプトハンドラもここで有効にする必要があります。', '', 'ラジオボックスから選択', ''); -$_tipsdb['enableSpdy'] = new DAttrHelp("SPDY/HTTP2を有効にする", 'HTTP/2とSPDYは、ページロード時間を短縮する目的で、HTTPネットワークプロトコルの新バージョンです。 より多くの情報はhttp://en.wikipedia.org/wiki/HTTP/2で見つけることができます。', 'This setting can be set at the listener and virtual host levels.', '有効にするプロトコルを確認します。 すべてのボックスをチェックしないと、SPDYとHTTP/2のサポート(デフォルト)が有効になります。 SPDYとHTTP/2を無効にする場合は、「なし」のみをチェックし、その他のチェックボックスはすべてオフにします。', ''); +$_tipsdb['enableSpdy'] = new DAttrHelp("SPDY/HTTP2を有効にする", 'HTTP/2とSPDYは、ページロード時間を短縮する目的で、HTTPネットワークプロトコルの新バージョンです。 より多くの情報は http://en.wikipedia.org/wiki/HTTP/2 で見つけることができます。', 'This setting can be set at the listener and virtual host levels.', '有効にするプロトコルを確認します。 すべてのボックスをチェックしないと、SPDYとHTTP/2のサポート(デフォルト)が有効になります。 SPDYとHTTP/2を無効にする場合は、「なし」のみをチェックし、その他のチェックボックスはすべてオフにします。', ''); $_tipsdb['enableStapling'] = new DAttrHelp("OCSPステープルを有効にする", 'OCSPステープルを有効にするかどうかを決定します。これは、公開鍵証明書を検証するより効率的な方法です。', '', 'ラジオボックスから選択', ''); @@ -258,7 +258,7 @@ $_tipsdb['extAppType'] = new DAttrHelp("タイプ", '外部アプリケーションのタイプを指定します。 アプリケーションタイプは、提供するサービスまたはサーバーとの通信に使用するプロトコルによって区別されます。 以下から選んでください。 ', 'ほとんどのアプリケーションは、LSAPIまたはFastCGIプロトコルを使用します。 LSAPIはPHP、Ruby、Pythonをサポートしています。 PerlはFastCGIで使用できます。 (PHP、Ruby、およびPythonはFastCGIを使用して実行するように設定することもできますが、LSAPIを使用する方が高速です)。Javaはサーブレットエンジンを使用します。', 'ドロップダウンリストから選択', ''); -$_tipsdb['extAuthorizer'] = new DAttrHelp("承認者", '権限のある/権限のないかの決定を生成するために使用できる外部アプリケーションを指定します。 現在、FastCGI Authorizerのみが使用可能です。 FastCGI Authorizerの役割の詳細については、http://www.fastcgi.comを参照してください。 。', '', 'ドロップダウンリストから選択', ''); +$_tipsdb['extAuthorizer'] = new DAttrHelp("承認者", '権限のある/権限のないかの決定を生成するために使用できる外部アプリケーションを指定します。 現在、FastCGI Authorizerのみが使用可能です。 FastCGI Authorizerの役割の詳細については、 https://fastcgi-archives.github.io/ を参照してください。 。', '', 'ドロップダウンリストから選択', ''); $_tipsdb['extGroup'] = new DAttrHelp("suEXECグループ", '外部アプリケーションが実行されるグループ名を指定します。', '', '有効なグループ名。', ''); @@ -502,7 +502,7 @@ $_tipsdb['quicEnable'] = new DAttrHelp("Enable HTTP3/QUIC", 'Enables the HTTP3/QUIC network protocol server wide. Default value is Yes.', 'When this setting is set to Yes, HTTP3/QUIC can still be disabled at the listener level through the "Open HTTP3/QUIC (UDP) port" setting, or at the virtual host level through the "Enable HTTP3/QUIC" setting.', 'ラジオボックスから選択', ''); -$_tipsdb['quicEnableDPLPMTUD'] = new DAttrHelp("Enable DPLPMTUD", 'Enable Datagram Packetization Layer Path Maximum Transmission Unit Discovery (DPLPMTUD).

Background on DPLPMTUD (RFC 8899)

Default value: Yes', '', 'ラジオボックスから選択', ''); +$_tipsdb['quicEnableDPLPMTUD'] = new DAttrHelp("Enable DPLPMTUD", 'Enable Datagram Packetization Layer Path Maximum Transmission Unit Discovery (DPLPMTUD).

Background on DPLPMTUD (RFC 8899)

Default value: Yes', '', 'ラジオボックスから選択', ''); $_tipsdb['quicHandshakeTimeout'] = new DAttrHelp("Handshake Timeout", 'The time in seconds a new QUIC connection is given to complete its handshake, after which the connection is aborted. Default value is 10.', '', 'Integer number between 1 and 15', ''); @@ -628,7 +628,7 @@ $_tipsdb['sslEnableMultiCerts'] = new DAttrHelp("複数のSSL証明書を有効にする", 'リスナー/バーチャルホストが複数のSSL証明書を設定できるようにします。 複数の証明書が有効な場合、証明書/キーは命名規則に従うことが想定されます。 証明書の名前がserver.crtの場合、その他の可能な証明書名はserver.crt.rsa、server.crt.dsa、server.crt.eccです。 「未設定」の場合、デフォルトは「いいえ」です。', '', 'ラジオボックスから選択', ''); -$_tipsdb['sslOCSP'] = new DAttrHelp("OCSPステープリング", 'オンライン証明書ステータスプロトコル(OCSP)は、デジタル証明書が有効かどうかを確認するより効率的な方法です。 OCSP応答者である他のサーバーと通信して、証明書失効リスト(CRL)をチェックする代わりに証明書が有効であることを確認します。
OCSPステープリングは、このプロトコルのさらなる改良であり、証明書が要求されるたびにではなく、定期的な間隔でサーバーがOCSPレスポンダを確認できるようにします。 詳細については、OCSP Wikipediaのページをご覧ください。', '', '', ''); +$_tipsdb['sslOCSP'] = new DAttrHelp("OCSPステープリング", 'オンライン証明書ステータスプロトコル(OCSP)は、デジタル証明書が有効かどうかを確認するより効率的な方法です。 OCSP応答者である他のサーバーと通信して、証明書失効リスト(CRL)をチェックする代わりに証明書が有効であることを確認します。
OCSPステープリングは、このプロトコルのさらなる改良であり、証明書が要求されるたびにではなく、定期的な間隔でサーバーがOCSPレスポンダを確認できるようにします。 詳細については、 OCSP Wikipedia のページをご覧ください。', '', '', ''); $_tipsdb['sslOcspProxy'] = new DAttrHelp("OCSP Proxy", 'Socket address used as the proxy server address for OCSP verification. Leave this setting unset If not using a proxy.

Default value: not set', '', 'Socket Address', ''); diff --git a/dist/admin/html.open/res/lang/zh-CN_tips.php b/dist/admin/html.open/res/lang/zh-CN_tips.php index 9ad1ff94e..8221ccce1 100644 --- a/dist/admin/html.open/res/lang/zh-CN_tips.php +++ b/dist/admin/html.open/res/lang/zh-CN_tips.php @@ -146,9 +146,9 @@ $_tipsdb['brStaticCompressLevel'] = new DAttrHelp("Brotli 压缩等级 (静态文件)", '指定Brotli压缩静态内容的级别。 范围从1 (最低)到9 (最高)。

当设置为 0时, brotli压缩将在全局禁用。

Default value: 5', '[性能建议] 压缩可以用来节省网络带宽。 基于文本的响应(例如html,css和javascript文件)效果最好,平均可以将其压缩为原始大小的一半。', 'Number between 0 and 11.', ''); -$_tipsdb['bubbleWrap'] = new DAttrHelp("Bubblewrap Container", 'Set to On if you wish to start CGI processes (including PHP programs) in a bubblewrap sandbox. See https://wiki.archlinux.org/index.php/Bubblewrap for details on using bubblewrap. Bubblewrap must be installed on your system prior to using this setting.

This setting cannot be turned on at the Virtual Host level if set to "Disabled" at the Server level.

Default values:
Server level: Disabled
VH level: Inherit Server level setting', '', '从列表中选择', ''); +$_tipsdb['bubbleWrap'] = new DAttrHelp("Bubblewrap Container", 'Set to On if you wish to start CGI processes (including PHP programs) in a bubblewrap sandbox. See https://wiki.archlinux.org/title/Bubblewrap for details on using bubblewrap. Bubblewrap must be installed on your system prior to using this setting.

This setting cannot be turned on at the Virtual Host level if set to "Disabled" at the Server level.

Default values:
Server level: Disabled
VH level: Inherit Server level setting', '', '从列表中选择', ''); -$_tipsdb['bubbleWrapCmd'] = new DAttrHelp("Bubblewrap Command", 'bubblewraps使用的完整的命令, 包括bubblewrap程序本身。 有关配置此命令的更多信息,请参见: https://openlitespeed.org/kb/bubblewrap-in-openlitespeed/ . 如果未指定,将使用下面列出的默认命令。

默认值: /bin/bwrap --ro-bind /usr /usr --ro-bind /lib /lib --ro-bind-try /lib64 /lib64 --ro-bind /bin /bin --ro-bind /sbin /sbin --dir /var --dir /tmp --proc /proc --symlink../tmp var/tmp --dev /dev --ro-bind-try /etc/localtime /etc/localtime --ro-bind-try /etc/ld.so.cache /etc/ld.so.cache --ro-bind-try /etc/resolv.conf /etc/resolv.conf --ro-bind-try /etc/ssl /etc/ssl --ro-bind-try /etc/pki /etc/pki --ro-bind-try /etc/man_db.conf /etc/man_db.conf --ro-bind-try /home/$USER /home/$USER --bind-try /var/lib/mysql/mysql.sock /var/lib/mysql/mysql.sock --bind-try /home/mysql/mysql.sock /home/mysql/mysql.sock --bind-try /tmp/mysql.sock /tmp/mysql.sock --unshare-all --share-net --die-with-parent --dir /run/user/$UID ‘$PASSWD 65534’ ‘$GROUP 65534’', '', '', ''); +$_tipsdb['bubbleWrapCmd'] = new DAttrHelp("Bubblewrap Command", 'bubblewraps使用的完整的命令, 包括bubblewrap程序本身。 有关配置此命令的更多信息,请参见: https://openlitespeed.org/kb/bubblewrap-in-openlitespeed/ . 如果未指定,将使用下面列出的默认命令。

默认值: /bin/bwrap --ro-bind /usr /usr --ro-bind /lib /lib --ro-bind-try /lib64 /lib64 --ro-bind /bin /bin --ro-bind /sbin /sbin --dir /var --dir /tmp --proc /proc --symlink../tmp var/tmp --dev /dev --ro-bind-try /etc/localtime /etc/localtime --ro-bind-try /etc/ld.so.cache /etc/ld.so.cache --ro-bind-try /etc/resolv.conf /etc/resolv.conf --ro-bind-try /etc/ssl /etc/ssl --ro-bind-try /etc/pki /etc/pki --ro-bind-try /etc/man_db.conf /etc/man_db.conf --ro-bind-try /home/$USER /home/$USER --bind-try /var/lib/mysql/mysql.sock /var/lib/mysql/mysql.sock --bind-try /home/mysql/mysql.sock /home/mysql/mysql.sock --bind-try /tmp/mysql.sock /tmp/mysql.sock --unshare-all --share-net --die-with-parent --dir /run/user/$UID ‘$PASSWD 65534’ ‘$GROUP 65534’', '', '', ''); $_tipsdb['certChain'] = new DAttrHelp("证书链", '指定证书是否为证书链。 存储证书链的文件必须为PEM格式, 并且证书必须按照从最低级别(实际的客户端或服务器证书)到最高级别(Root)CA的链接顺序。', '', '从单选框选择', ''); @@ -218,7 +218,7 @@ $_tipsdb['enableIpGeo'] = new DAttrHelp("启用IP地理定位", '指定是否启用IP地理定位查找。 可以在服务器级别,虚拟主机级别,或context级别设置。', '', '从单选框选择', ''); -$_tipsdb['enableLVE'] = new DAttrHelp("Cloud-Linux", '指定当CloudLinux存在时是否启用CloudLinux的轻量级虚拟 环境(LVE)。您可以搭配使用Litespeed与LVE实现更好的资源管理。 欲了解更多信息,请访问 http: //www.cloudlinux.com。', '', '从列表中选择', ''); +$_tipsdb['enableLVE'] = new DAttrHelp("Cloud-Linux", '指定当CloudLinux存在时是否启用CloudLinux的轻量级虚拟 环境(LVE)。您可以搭配使用Litespeed与LVE实现更好的资源管理。 欲了解更多信息,请访问 http://www.cloudlinux.com。', '', '从列表中选择', ''); $_tipsdb['enableRecaptcha'] = new DAttrHelp("启用reCAPTCHA", '必须先在服务器级别将此设置设置为是,才能在当前级别启用并使用reCAPTCHA保护功能。

默认值:
服务器级别:
虚拟主机级别: 继承服务器级别设置', '', '从单选框选择', ''); @@ -258,7 +258,7 @@ $_tipsdb['extAppType'] = new DAttrHelp("类型", '指定外部应用程序的类型。 应用程序类型根据它们提供的服务或与服务器通信所使用的协议而有所不同。 从中选择 ', 'Most applications will use either LSAPI or FastCGI protocol. LSAPI supports PHP, Ruby, and Python. Perl can be used with FastCGI. (PHP, Ruby, and Python can also be set up to run using FastCGI, but they run faster using LSAPI.) Java uses servlet engines.', '从列表中选择', ''); -$_tipsdb['extAuthorizer'] = new DAttrHelp("Authorizer", '指定可用于生成授权/未授权 decisions的外部应用程序。 目前,仅FastCGI授权器可用。 有关FastCGI授权者角色的更多详细信息, 请访问http://www.fastcgi.com。', '', '从列表中选择', ''); +$_tipsdb['extAuthorizer'] = new DAttrHelp("Authorizer", '指定可用于生成授权/未授权 decisions的外部应用程序。 目前,仅FastCGI授权器可用。 有关FastCGI授权者角色的更多详细信息, 请访问https://fastcgi-archives.github.io/。', '', '从列表中选择', ''); $_tipsdb['extGroup'] = new DAttrHelp("以特定组运行", '外部应用程序将作为此指定的组名运行。如果未设置,将继承虚拟主机级别的设置。

Default value: Not Set', '', 'Valid group name.', ''); @@ -502,7 +502,7 @@ $_tipsdb['quicEnable'] = new DAttrHelp("启用HTTP3/QUIC", '在整个服务器范围内启用HTTP3/QUIC网络协议。 默认值为是。', '当此设置设置为是时,仍然可以通过"打开HTTP3/QUIC (UDP) 端口"设置在侦听器级别 或通过"Enable HTTP3/QUIC"设置在虚拟主机级别禁用HTTP3/QUIC', '从单选框选择', ''); -$_tipsdb['quicEnableDPLPMTUD'] = new DAttrHelp("启用 DPLPMTUD", '启用 Datagram Packetization Layer Path Maximum Transmission Unit Discovery (DPLPMTUD).

Background on DPLPMTUD (RFC 8899)

Default value: Yes', '', '从单选框选择', ''); +$_tipsdb['quicEnableDPLPMTUD'] = new DAttrHelp("启用 DPLPMTUD", '启用 Datagram Packetization Layer Path Maximum Transmission Unit Discovery (DPLPMTUD).

Background on DPLPMTUD (RFC 8899)

Default value: Yes', '', '从单选框选择', ''); $_tipsdb['quicHandshakeTimeout'] = new DAttrHelp("握手超时时间", '给出新的QUIC连接完成其握手的时间(以秒为单位),超过限制时间后连接将中止。 默认值为10。', '', 'Integer number between 1 and 15', ''); @@ -582,9 +582,9 @@ $_tipsdb['rewriteLogLevel'] = new DAttrHelp("日志级别", '指定重写调试输出的详细程度。 此值的范围是0-9。 设置为0将禁用日志记录。 设置为9将产生 最详细的日志。 服务器和虚拟主机的错误日志"日志级别" 至少设置为INFO才能使此选项生效。 这对测试重写规则很有帮助。', '', '整数', ''); -$_tipsdb['rewriteMapLocation'] = new DAttrHelp("Location", 'Specifies the location of the rewrite map using the syntax MapType:MapSource.
LiteSpeed's rewrite engine supports three types of rewrite maps: The implementation of LiteSpeed's rewrite engine follows the specifications of Apache's rewrite engine. For more details about rewrite map, please refer to Apache's mod_rewrite document.', '', 'String', ''); +$_tipsdb['rewriteMapLocation'] = new DAttrHelp("Location", 'Specifies the location of the rewrite map using the syntax MapType:MapSource.
LiteSpeed's rewrite engine supports three types of rewrite maps: The implementation of LiteSpeed's rewrite engine follows the specifications of Apache's rewrite engine. For more details about rewrite map, please refer to Apache's mod_rewrite document .', '', 'String', ''); -$_tipsdb['rewriteMapName'] = new DAttrHelp("名称", 'Specifies a unique name for the rewrite map at the virtual host level. This name will be used by a mapping-reference in rewrite rules. When referencing this name, one of the following syntaxes should be used:
$\{MapName:LookupKey\}
$\{MapName:LookupKey|DefaultValue\}

The implementation of LiteSpeed's rewrite engine follows the specifications of Apache's rewrite engine. For more details about rewrite maps, please refer to Apache's mod_rewrite document.', '', 'string', ''); +$_tipsdb['rewriteMapName'] = new DAttrHelp("名称", 'Specifies a unique name for the rewrite map at the virtual host level. This name will be used by a mapping-reference in rewrite rules. When referencing this name, one of the following syntaxes should be used:
$\{MapName:LookupKey\}
$\{MapName:LookupKey|DefaultValue\}

The implementation of LiteSpeed's rewrite engine follows the specifications of Apache's rewrite engine. For more details about rewrite maps, please refer to Apache's mod_rewrite document .', '', 'string', ''); $_tipsdb['rewriteRules'] = new DAttrHelp("重写规则", '指定虚拟主机级别的重写规则。

请勿在此处添加任何目录级重写规则。 如果您在.htaccess有任何目录级的重写规则,则应该使用uri"/"创建一个静态context, 并在那里添加重写规则。

重写规则由一个RewriteRule组成,并可可以在多个RewriteCond之后。
LiteSpeed的重写规则遵循Apache的重写规范。 有关重写规则的更多详细信息,请参阅 Apache's mod_rewrite document(英文文档) Apache's URL rewriting guide(英文文档) .', '', 'string', ''); @@ -628,7 +628,7 @@ $_tipsdb['sslEnableMultiCerts'] = new DAttrHelp("启用多个SSL证书", '允许侦听器/虚拟主机设置多个SSL证书。 如果启用了多个证书,则证书/密钥应遵循命名方案。 如果证书名为server.crt,则其他可能的证书名称为server.crt.rsa, server.crt.dsa,server.crt.ecc。 如果为“未设置”,则默认为“否”。', '', '从单选框选择', ''); -$_tipsdb['sslOCSP'] = new DAttrHelp("OCSP装订", '在线证书状态协议(OCSP)是更加有效的检查数字证书是否有效的方式。 它通过与另一台服务器(OCSP响应服务器)通信,以获取证书有效的验证,而不是通过证书吊销列表(CRL)进行检查。

OCSP装订是对该协议的进一步改进,允许服务器以固定的时间间隔而不是每次请求证书时与OCSP响应程序进行检查。 有关更多详细信息,请参见 OCSP Wikipedia页面。', '', '', ''); +$_tipsdb['sslOCSP'] = new DAttrHelp("OCSP装订", '在线证书状态协议(OCSP)是更加有效的检查数字证书是否有效的方式。 它通过与另一台服务器(OCSP响应服务器)通信,以获取证书有效的验证,而不是通过证书吊销列表(CRL)进行检查。

OCSP装订是对该协议的进一步改进,允许服务器以固定的时间间隔而不是每次请求证书时与OCSP响应程序进行检查。 有关更多详细信息,请参见 OCSP Wikipedia页面 。', '', '', ''); $_tipsdb['sslOcspProxy'] = new DAttrHelp("OCSP Proxy", 'Socket address used as the proxy server address for OCSP verification. Leave this setting unset If not using a proxy.

Default value: not set', '', 'Socket Address', ''); diff --git a/dist/admin/html.open/view/UIBase.php b/dist/admin/html.open/view/UIBase.php index e4ee37602..1c3a51bbd 100644 --- a/dist/admin/html.open/view/UIBase.php +++ b/dist/admin/html.open/view/UIBase.php @@ -76,7 +76,7 @@ protected function main_tabs() public static function content_header($icon, $title, $subtitle='') { - $serverload = implode(', ', array_map(function($load) { return round($load, 5); }, \sys_getloadavg())); + $serverload = Service::getServerLoad(); $pid = Service::ServiceData(SInfo::DATA_PID); if ($subtitle != '') diff --git a/dist/admin/html.open/view/ajax_data.php b/dist/admin/html.open/view/ajax_data.php index ba25e8245..2e89d7676 100644 --- a/dist/admin/html.open/view/ajax_data.php +++ b/dist/admin/html.open/view/ajax_data.php @@ -9,9 +9,11 @@ function ajax_pid_load() { - $data = array( 'pid' => Service::ServiceData(SInfo::DATA_PID), - 'serverload' => implode(', ', array_map(function($load) { return round($load, 5); }, \sys_getloadavg())) ) ; - echo json_encode($data) ; + $data = [ + 'pid' => Service::ServiceData(SInfo::DATA_PID), + 'serverload' => Service::getServerLoad(), + ]; + echo json_encode($data); } function ajax_dashstat() diff --git a/dist/admin/misc/lscmctl b/dist/admin/misc/lscmctl index 41a8684c3..247399eca 100755 --- a/dist/admin/misc/lscmctl +++ b/dist/admin/misc/lscmctl @@ -3,11 +3,11 @@ # /******************************************** # LiteSpeed Cache Management Script # -# @author LiteSpeed Technologies, Inc. (https://www.litespeedtech.com) -# @copyright (c) 2017-2022 +# @author Michael Alegre +# @copyright (c) 2017-2022 LiteSpeed Technologies, Inc. # *********************************************/ -VERSION='1.11.2' +VERSION='1.12' OS=$(uname -s) SCRIPT_DIR=$(cd "$(dirname "${0}")" && pwd) @@ -55,13 +55,14 @@ printHelp() # shellcheck disable=SC2016 printCmdOption 'setcacheroot' '[-svr ] [-vh ]' 'List/Set server and/or virtual host cache roots. This command will list the current server and virtual host cache roots when no additional input is given. Use -svr and -vh to set those cache roots. The '"'"'$'"'"' character is not allowed when setting virtual host cache root. Virtual host cache root values starting with a '"'"'/'"'"' will automatically have '"'"'/$vh_user'"'"' appended to the end (this format was chosen to maintain compatibility with CageFS).' printCmdOption 'setversion' '[{--list | --latest | }]' 'List/Set active LSCWP version. This command will list the currently active version when no additional input is given. Use --list to show available versions or --latest to switch to the latest available version. A valid version number can also be provided to switch to that version specifically. This must be set before performing other lscmctl operations.' - printCmdOption 'scan' '[-n] [-e]' 'Scan for all WordPress installations. This command will create an lscm.data file under the "lsws/admin/lscdata" directory. Add the -n flag to only discover new installations. By adding the -e flag, LSC-WP will be enabled on all installations after scanning is complete.' + printCmdOption 'scan' '[-n] [-e]' 'Scan for all WordPress installations. This command will create an lscm.data file under the "lsws/admin/lscdata" directory. Add the -n flag to only discover new installations. By adding the -e flag, LSCWP will be enabled on all known installations after scanning is complete.' + printCmdOption 'scannew' '[-en] ' 'Scan for WordPress installations not already discovered in a previous scan. This command will create an lscm.data file under the "lsws/admin/lscdata" directory. By adding the -en flag, LSCWP will be enabled only on newly discovered installations after scanning is complete. If you would rather enable LSCWP for all known installations, after scanning for previously undiscovered installations, please use command '"'"'scan -n -e'"'"' instead.' printCmdOption 'enable' '{-m | }' 'Enables LSWCP for all discovered WordPress installations with the -m parameter or a single installation by providing the path to the WordPress installation directory.' printCmdOption 'disable' '{-m | }' 'Disables LSWCP for all discovered WordPress installations with the -m parameter or a single installation by providing the path to the WordPress installation directory.' printCmdOption 'upgrade' '{-m | }' 'Upgrade LSWCP for all discovered WordPress installations to the current active version with the -m parameter or a single installation by providing the path to the WordPress installation directory.' printCmdOption 'flag' '' 'Flag a single WordPress installation. Flagged installations will be skipped during mass operations.' printCmdOption 'unflag' '{-m | }' 'Unflag all discovered WordPress installations with the -m parameter or a single installation by providing the path to the WordPress installation directory. Flagged installations will be skipped during mass operations.' - printCmdOption 'status' '' 'Get the most up to date LSC-WP status for the provided WordPress installation.' + printCmdOption 'status' '' 'Get the most up to date LSCWP status for the provided WordPress installation.' printCmdOption 'dashnotify' '{-m | -wppath } [-plugin ] {-msgfile | -msg }' 'Notify all discovered WordPress installations with the provided message (plain text or HTML) using the Dash Notifier WordPress plugin with the -m parameter or a single installation by providing the path to the WordPress installation directory. A plugin slug can be included to have an install/activate button for that plugin added to the message as well. Installations containing a '"'"'.dash_notifier_bypass'"'"' file will not be notified.' printCmdOption 'dashnotifyremove' '{-m | }' 'Remove Dash Notifier plugin (and notification messages) from all discovered WordPress installations with the -m parameter or a single installation by providing the path to the WordPress installation directory.' printCmdOption 'cpanelplugin' '{--install | --uninstall | -autoinstall [{0 | 1}] | --fixconf}' '[cPanel/WHM Environment Only] Install or uninstall the LiteSpeed user-end plugin for cPanel for all cPanel accounts using the '"'"'--install'"'"' and '"'"'--uninstall'"'"' input flags. The plugin will appear as "LiteSpeed Web Cache Manager" under '"'"'Advanced'"'"' in the user'"'"'s cPanel dashboard. The '"'"'-autoinstall'"'"' input param can be used to check the current auto install status. When turned on, the cPanel plugin will be automatically installed when installing/updating the WHM plugin. Use '"'"'-autoinstall {0 | 1}'"'"' to manually turn this off and on respectively. The '"'"'--fixConf'"'"' input param can be used to re-populate the cPanel plugin'"'"'s configuration file values in case of an issue.' @@ -76,10 +77,10 @@ printHelp() printExample 'Set active LSCWP version to latest available' 'setversion --latest' printExample 'Set active LSCWP version to v1.5' 'setversion 1.5' printExample 'Discover all installations' 'scan' - printExample 'Discover new installations only, passing in path to PHP binary' '-php /path/to/php/ scan -n' - printExample 'Enable LSC-WP on all discovered installations' 'enable -m' - printExample 'Disable LSC-WP for a single installation' 'disable /home/user/public_html/wp' - printExample 'Get LSC-WP status for a single installation' 'status /home/user/public_html/wp' + printExample 'Discover new installations only, passing in path to PHP binary' '-php /path/to/php/ scannew' + printExample 'Enable LSCWP on all discovered installations' 'enable -m' + printExample 'Disable LSCWP for a single installation' 'disable /home/user/public_html/wp' + printExample 'Get LSCWP status for a single installation' 'status /home/user/public_html/wp' printExample 'Send a simple dashboard message to a single discovered WordPress installation' 'dashnotify -wppath /path/to/wp/install -msg "Hello World!"' printExample 'Broadcast a dashboard message recommending the LiteSpeed Cache for WordPress plugin to all discovered WordPress installations' 'dashnotify -m -plugin litespeed-cache -msgfile /path/to/msg/file' printExample 'Remove dashboard notifications (and Dash Notifier plugin) from all discovered WordPress installations' 'dashnotifyremove -m' diff --git a/dist/docs/AdminGeneral_Help.html b/dist/docs/AdminGeneral_Help.html index 055657ae7..383517588 100644 --- a/dist/docs/AdminGeneral_Help.html +++ b/dist/docs/AdminGeneral_Help.html @@ -17,7 +17,7 @@

OpenLiteSpeed Web Server Users' Manual

-

Version 1.7  — Rev. 28

+

Version 1.7  — Rev. 29

    diff --git a/dist/docs/AdminListeners_General_Help.html b/dist/docs/AdminListeners_General_Help.html index 4cc294d90..f4e784c31 100644 --- a/dist/docs/AdminListeners_General_Help.html +++ b/dist/docs/AdminListeners_General_Help.html @@ -17,7 +17,7 @@

    OpenLiteSpeed Web Server Users' Manual

    -

    Version 1.7  — Rev. 28

    +

    Version 1.7  — Rev. 29

      diff --git a/dist/docs/AdminListeners_SSL_Help.html b/dist/docs/AdminListeners_SSL_Help.html index 4d8df6405..518922e82 100644 --- a/dist/docs/AdminListeners_SSL_Help.html +++ b/dist/docs/AdminListeners_SSL_Help.html @@ -17,7 +17,7 @@

      OpenLiteSpeed Web Server Users' Manual

      -

      Version 1.7  — Rev. 28

      +

      Version 1.7  — Rev. 29

        diff --git a/dist/docs/AdminSecurity_Help.html b/dist/docs/AdminSecurity_Help.html index 27a9920ec..2e1854f4f 100644 --- a/dist/docs/AdminSecurity_Help.html +++ b/dist/docs/AdminSecurity_Help.html @@ -17,7 +17,7 @@

        OpenLiteSpeed Web Server Users' Manual

        -

        Version 1.7  — Rev. 28

        +

        Version 1.7  — Rev. 29

          diff --git a/dist/docs/App_Server_Context.html b/dist/docs/App_Server_Context.html index f93674aae..0479777c2 100644 --- a/dist/docs/App_Server_Context.html +++ b/dist/docs/App_Server_Context.html @@ -17,7 +17,7 @@

          OpenLiteSpeed Web Server Users' Manual

          -

          Version 1.7  — Rev. 28

          +

          Version 1.7  — Rev. 29

            @@ -119,11 +119,11 @@

            App Server Context

            Table of Contents

            Require (Authorized Users/Groups)

            Description

            Specifies which user/group can access this context. This allows you to use one user/group database (specified in Realm) across a number of contexts, but only allow certain users/groups from that database to access this context.

            Syntax

            Syntax is compatible with Apache's Require directive. For example:

            • user username [username ...]
              Only listed users can access this context.
            • group groupid [groupid ...]
              Only users belonging to the listed groups can access this context.
            If this setting is not specified, all valid users will be allowed to access this resource.

          Access Allowed

          Description

          Specifies which IPs or sub-networks are allowed to access resources under this context. Together with Access Denied and server/virtual host level access control, accessibility is determined by the smallest scope that a client's IP address falls into.

          Syntax

          Comma-delimited list of IPs/sub-networks.

          Example

          Sub-networks can be written as 192.168.1.0/255.255.255.0, 192.168.1, or 192.168.1.*.

          Access Denied

          Description

          Specifies which IPs or sub-networks are NOT allowed to access resources under this context. Together with Access Allowed and server/virtual host-level access control, accessibility is determined by the smallest scope that a client's IP address falls into.

          Syntax

          Comma-delimited list of IPs/sub-networks.

          Example

          Sub-networks can be written as 192.168.1.0/255.255.255.0, 192.168.1, or 192.168.1.*.
          -

          Authorizer

          Description

          Specifies an external application that can be used to generate authorized/unauthorized decisions. Currently, only the FastCGI Authorizer is available. For more details about the FastCGI Authorizer role, please visit http://www.fastcgi.com.

          Syntax

          Select from drop down list

          +

          Authorizer

          Description

          Specifies an external application that can be used to generate authorized/unauthorized decisions. Currently, only the FastCGI Authorizer is available. For more details about the FastCGI Authorizer role, please visit https://fastcgi-archives.github.io/ .

          Syntax

          Select from drop down list

          Enable Rewrite

          Description

          Specifies whether to enable LiteSpeed's URL rewrite engine. This option can be customized at the virtual host or context level, and is inherited along the directory tree until it is explicitly overridden.

          Syntax

          Select from radio box

          Rewrite Inherit

          Description

          Specifies whether to inherit rewrite rules from parent contexts. If rewrite is enabled and not inherited, rewrite base and rewrite rules defined in this context will be used.

          Syntax

          Select from radio box

          Rewrite Base

          Description

          Specifies the base URL for rewrite rules.

          Syntax

          URL

          -

          Rewrite Rules

          Description

          Specifies a list of rewrite rules at the virtual host level.

          Do NOT add any document root level rewrite rules here. If you have any document root level rewrite rules from .htaccess, you should instead create a static context with uri "/" and add the rewrite rules there.

          A rewrite rule is comprised of one RewriteRule directive and optionally preceded by multiple RewriteCond directives.

          • Each directive should take only one line.
          • RewriteCond and RewriteRule follow Apache's rewrite directive syntax. Just copy and paste rewrite directives from your Apache configuration files.
          • There are minor differences between LiteSpeed and Apache mod_rewrite implementation:
            • %\{LA-U:variable\} and %\{LA-F:variable\} are ignored by the LiteSpeed rewrite engine
            • Two new server variables are added in the LiteSpeed rewrite engine: %\{CURRENT_URI\} represents the current URI being processed by the rewrite engine and %\{SCRIPT_NAME\} has the same meaning as the corresponding CGI environment variable.
            • The LiteSpeed rewrite engine will stop processing rewrite rules after encountering an [L] flag to avoid looping while Apache mod_rewrite will stop processing rewrite rules for the current iteration only. This behavior is similar to that of the [END] flag in Apache mod_rewrite.

          The implementation of LiteSpeed's rewrite engine follows Apache's rewrite engine specifications. For more details about rewrite rules, please refer to Apache's mod_rewrite document and Apache's URL rewriting guide .

          Syntax

          string

          +

          Rewrite Rules

          Description

          Specifies a list of rewrite rules at the virtual host level.

          Do NOT add any document root level rewrite rules here. If you have any document root level rewrite rules from .htaccess, you should instead create a static context with uri "/" and add the rewrite rules there.

          A rewrite rule is comprised of one RewriteRule directive and optionally preceded by multiple RewriteCond directives.

          • Each directive should take only one line.
          • RewriteCond and RewriteRule follow Apache's rewrite directive syntax. Just copy and paste rewrite directives from your Apache configuration files.
          • There are minor differences between LiteSpeed and Apache mod_rewrite implementation:
            • %\{LA-U:variable\} and %\{LA-F:variable\} are ignored by the LiteSpeed rewrite engine
            • Two new server variables are added in the LiteSpeed rewrite engine: %\{CURRENT_URI\} represents the current URI being processed by the rewrite engine and %\{SCRIPT_NAME\} has the same meaning as the corresponding CGI environment variable.
            • The LiteSpeed rewrite engine will stop processing rewrite rules after encountering an [L] flag to avoid looping while Apache mod_rewrite will stop processing rewrite rules for the current iteration only. This behavior is similar to that of the [END] flag in Apache mod_rewrite.

          The implementation of LiteSpeed's rewrite engine follows Apache's rewrite engine specifications. For more details about rewrite rules, please refer to Apache's mod_rewrite document and Apache's URL rewriting guide .

          Syntax

          string

          Add Default Charset

          Description

          Specifies whether to add a character set tag to the "Content-Type" response header, when content type is either "text/html" or "text/plain" without any parameters. When set to Off, this function is disabled. When set to On, either the character set specified by Customized Default Charset or the default "iso-8859-1" will be added.

          Syntax

          Select from radio box

          Customized Default Charset

          Description

          Specifies a character set to be used when Add Default Charset is On. This is optional. The default value is iso-8859-1. This entry has no effect when Add Default Charset is Off.

          Syntax

          Name of a character set.

          Example

          utf-8

          Enable GeoLocation Lookup

          Description

          Specifies whether to enable/disable IP Geolocation lookup. Can be set at server, virtual host, or context level. IP Geolocation is disabled by default when using value "Not Set".

          Syntax

          Select from radio box

          See Also

          Use Client IP in Header, DB File Path,

          diff --git a/dist/docs/App_Server_Help.html b/dist/docs/App_Server_Help.html index a689df9fc..5442fdaf8 100644 --- a/dist/docs/App_Server_Help.html +++ b/dist/docs/App_Server_Help.html @@ -17,7 +17,7 @@

          OpenLiteSpeed Web Server Users' Manual

          -

          Version 1.7  — Rev. 28

          +

          Version 1.7  — Rev. 29

            diff --git a/dist/docs/CGI_Context.html b/dist/docs/CGI_Context.html index 93346f756..12ff8184b 100644 --- a/dist/docs/CGI_Context.html +++ b/dist/docs/CGI_Context.html @@ -17,7 +17,7 @@

            OpenLiteSpeed Web Server Users' Manual

            -

            Version 1.7  — Rev. 28

            +

            Version 1.7  — Rev. 29

              @@ -109,13 +109,13 @@

              CGI Context

              Table of Contents

              Require (Authorized Users/Groups)

              Description

              Specifies which user/group can access this context. This allows you to use one user/group database (specified in Realm) across a number of contexts, but only allow certain users/groups from that database to access this context.

              Syntax

              Syntax is compatible with Apache's Require directive. For example:

              • user username [username ...]
                Only listed users can access this context.
              • group groupid [groupid ...]
                Only users belonging to the listed groups can access this context.
              If this setting is not specified, all valid users will be allowed to access this resource.

            Access Allowed

            Description

            Specifies which IPs or sub-networks are allowed to access resources under this context. Together with Access Denied and server/virtual host level access control, accessibility is determined by the smallest scope that a client's IP address falls into.

            Syntax

            Comma-delimited list of IPs/sub-networks.

            Example

            Sub-networks can be written as 192.168.1.0/255.255.255.0, 192.168.1, or 192.168.1.*.

            Access Denied

            Description

            Specifies which IPs or sub-networks are NOT allowed to access resources under this context. Together with Access Allowed and server/virtual host-level access control, accessibility is determined by the smallest scope that a client's IP address falls into.

            Syntax

            Comma-delimited list of IPs/sub-networks.

            Example

            Sub-networks can be written as 192.168.1.0/255.255.255.0, 192.168.1, or 192.168.1.*.
            -

            Authorizer

            Description

            Specifies an external application that can be used to generate authorized/unauthorized decisions. Currently, only the FastCGI Authorizer is available. For more details about the FastCGI Authorizer role, please visit http://www.fastcgi.com.

            Syntax

            Select from drop down list

            +

            Authorizer

            Description

            Specifies an external application that can be used to generate authorized/unauthorized decisions. Currently, only the FastCGI Authorizer is available. For more details about the FastCGI Authorizer role, please visit https://fastcgi-archives.github.io/ .

            Syntax

            Select from drop down list

            Add Default Charset

            Description

            Specifies whether to add a character set tag to the "Content-Type" response header, when content type is either "text/html" or "text/plain" without any parameters. When set to Off, this function is disabled. When set to On, either the character set specified by Customized Default Charset or the default "iso-8859-1" will be added.

            Syntax

            Select from radio box

            Customized Default Charset

            Description

            Specifies a character set to be used when Add Default Charset is On. This is optional. The default value is iso-8859-1. This entry has no effect when Add Default Charset is Off.

            Syntax

            Name of a character set.

            Example

            utf-8

            Enable Rewrite

            Description

            Specifies whether to enable LiteSpeed's URL rewrite engine. This option can be customized at the virtual host or context level, and is inherited along the directory tree until it is explicitly overridden.

            Syntax

            Select from radio box

            Rewrite Inherit

            Description

            Specifies whether to inherit rewrite rules from parent contexts. If rewrite is enabled and not inherited, rewrite base and rewrite rules defined in this context will be used.

            Syntax

            Select from radio box

            Rewrite Base

            Description

            Specifies the base URL for rewrite rules.

            Syntax

            URL

            -

            Rewrite Rules

            Description

            Specifies a list of rewrite rules at the virtual host level.

            Do NOT add any document root level rewrite rules here. If you have any document root level rewrite rules from .htaccess, you should instead create a static context with uri "/" and add the rewrite rules there.

            A rewrite rule is comprised of one RewriteRule directive and optionally preceded by multiple RewriteCond directives.

            • Each directive should take only one line.
            • RewriteCond and RewriteRule follow Apache's rewrite directive syntax. Just copy and paste rewrite directives from your Apache configuration files.
            • There are minor differences between LiteSpeed and Apache mod_rewrite implementation:
              • %\{LA-U:variable\} and %\{LA-F:variable\} are ignored by the LiteSpeed rewrite engine
              • Two new server variables are added in the LiteSpeed rewrite engine: %\{CURRENT_URI\} represents the current URI being processed by the rewrite engine and %\{SCRIPT_NAME\} has the same meaning as the corresponding CGI environment variable.
              • The LiteSpeed rewrite engine will stop processing rewrite rules after encountering an [L] flag to avoid looping while Apache mod_rewrite will stop processing rewrite rules for the current iteration only. This behavior is similar to that of the [END] flag in Apache mod_rewrite.

            The implementation of LiteSpeed's rewrite engine follows Apache's rewrite engine specifications. For more details about rewrite rules, please refer to Apache's mod_rewrite document and Apache's URL rewriting guide .

            Syntax

            string

            +

            Rewrite Rules

            Description

            Specifies a list of rewrite rules at the virtual host level.

            Do NOT add any document root level rewrite rules here. If you have any document root level rewrite rules from .htaccess, you should instead create a static context with uri "/" and add the rewrite rules there.

            A rewrite rule is comprised of one RewriteRule directive and optionally preceded by multiple RewriteCond directives.

            • Each directive should take only one line.
            • RewriteCond and RewriteRule follow Apache's rewrite directive syntax. Just copy and paste rewrite directives from your Apache configuration files.
            • There are minor differences between LiteSpeed and Apache mod_rewrite implementation:
              • %\{LA-U:variable\} and %\{LA-F:variable\} are ignored by the LiteSpeed rewrite engine
              • Two new server variables are added in the LiteSpeed rewrite engine: %\{CURRENT_URI\} represents the current URI being processed by the rewrite engine and %\{SCRIPT_NAME\} has the same meaning as the corresponding CGI environment variable.
              • The LiteSpeed rewrite engine will stop processing rewrite rules after encountering an [L] flag to avoid looping while Apache mod_rewrite will stop processing rewrite rules for the current iteration only. This behavior is similar to that of the [END] flag in Apache mod_rewrite.

            The implementation of LiteSpeed's rewrite engine follows Apache's rewrite engine specifications. For more details about rewrite rules, please refer to Apache's mod_rewrite document and Apache's URL rewriting guide .

            Syntax

            string

            Enable GeoLocation Lookup

            Description

            Specifies whether to enable/disable IP Geolocation lookup. Can be set at server, virtual host, or context level. IP Geolocation is disabled by default when using value "Not Set".

            Syntax

            Select from radio box

            See Also

            Use Client IP in Header, DB File Path,

            diff --git a/dist/docs/CompilePHP_Help.html b/dist/docs/CompilePHP_Help.html index 8fa519286..8ab4d68fe 100644 --- a/dist/docs/CompilePHP_Help.html +++ b/dist/docs/CompilePHP_Help.html @@ -17,7 +17,7 @@

            OpenLiteSpeed Web Server Users' Manual

            -

            Version 1.7  — Rev. 28

            +

            Version 1.7  — Rev. 29

              diff --git a/dist/docs/Context_Help.html b/dist/docs/Context_Help.html index 1da699af9..51563cf8c 100644 --- a/dist/docs/Context_Help.html +++ b/dist/docs/Context_Help.html @@ -17,7 +17,7 @@

              OpenLiteSpeed Web Server Users' Manual

              -

              Version 1.7  — Rev. 28

              +

              Version 1.7  — Rev. 29

                diff --git a/dist/docs/ExtApp_Help.html b/dist/docs/ExtApp_Help.html index 1a9c3b68c..ebdb751f2 100644 --- a/dist/docs/ExtApp_Help.html +++ b/dist/docs/ExtApp_Help.html @@ -17,7 +17,7 @@

                OpenLiteSpeed Web Server Users' Manual

                -

                Version 1.7  — Rev. 28

                +

                Version 1.7  — Rev. 29

                  @@ -110,7 +110,7 @@

                  External Apps

                  LiteSpeed web serv
                • FastCGI is a fast, open, and secure web server interface that solves the performance problems inherent in CGI without introducing the overhead and complexity of proprietary APIs (Application Programming Interfaces). For more information, - please visit http://www.fastcgi.com. + please visit https://fastcgi-archives.github.io/. On LiteSpeed Web Server, FastCGI applications can take two roles: generating dynamic responses (a responder role) or diff --git a/dist/docs/External_FCGI.html b/dist/docs/External_FCGI.html index f2495f8d2..0331185b6 100644 --- a/dist/docs/External_FCGI.html +++ b/dist/docs/External_FCGI.html @@ -17,7 +17,7 @@

                  OpenLiteSpeed Web Server Users' Manual

                  -

                  Version 1.7  — Rev. 28

                  +

                  Version 1.7  — Rev. 29

                    diff --git a/dist/docs/External_FCGI_Auth.html b/dist/docs/External_FCGI_Auth.html index 32eb7d32f..762638e12 100644 --- a/dist/docs/External_FCGI_Auth.html +++ b/dist/docs/External_FCGI_Auth.html @@ -17,7 +17,7 @@

                    OpenLiteSpeed Web Server Users' Manual

                    -

                    Version 1.7  — Rev. 28

                    +

                    Version 1.7  — Rev. 29

                      diff --git a/dist/docs/External_LB.html b/dist/docs/External_LB.html index 65212a553..941833bf1 100644 --- a/dist/docs/External_LB.html +++ b/dist/docs/External_LB.html @@ -17,7 +17,7 @@

                      OpenLiteSpeed Web Server Users' Manual

                      -

                      Version 1.7  — Rev. 28

                      +

                      Version 1.7  — Rev. 29

                        diff --git a/dist/docs/External_LSAPI.html b/dist/docs/External_LSAPI.html index cd5093c95..0356df9e1 100644 --- a/dist/docs/External_LSAPI.html +++ b/dist/docs/External_LSAPI.html @@ -17,7 +17,7 @@

                        OpenLiteSpeed Web Server Users' Manual

                        -

                        Version 1.7  — Rev. 28

                        +

                        Version 1.7  — Rev. 29

                          diff --git a/dist/docs/External_PL.html b/dist/docs/External_PL.html index bba8ee3ae..c4c1ca4b4 100644 --- a/dist/docs/External_PL.html +++ b/dist/docs/External_PL.html @@ -17,7 +17,7 @@

                          OpenLiteSpeed Web Server Users' Manual

                          -

                          Version 1.7  — Rev. 28

                          +

                          Version 1.7  — Rev. 29

                            diff --git a/dist/docs/External_Servlet.html b/dist/docs/External_Servlet.html index e09f0403a..541cbd46a 100644 --- a/dist/docs/External_Servlet.html +++ b/dist/docs/External_Servlet.html @@ -17,7 +17,7 @@

                            OpenLiteSpeed Web Server Users' Manual

                            -

                            Version 1.7  — Rev. 28

                            +

                            Version 1.7  — Rev. 29

                              diff --git a/dist/docs/External_WS.html b/dist/docs/External_WS.html index 3018a257e..9c4685b98 100644 --- a/dist/docs/External_WS.html +++ b/dist/docs/External_WS.html @@ -17,7 +17,7 @@

                              OpenLiteSpeed Web Server Users' Manual

                              -

                              Version 1.7  — Rev. 28

                              +

                              Version 1.7  — Rev. 29

                                diff --git a/dist/docs/FCGI_Context.html b/dist/docs/FCGI_Context.html index 225f6b0ef..02c9d0ef1 100644 --- a/dist/docs/FCGI_Context.html +++ b/dist/docs/FCGI_Context.html @@ -17,7 +17,7 @@

                                OpenLiteSpeed Web Server Users' Manual

                                -

                                Version 1.7  — Rev. 28

                                +

                                Version 1.7  — Rev. 29

                                  @@ -108,7 +108,7 @@

                                  Fast CGI Context

                                  Table of Contents

                                  Require (Authorized Users/Groups)

                                  Description

                                  Specifies which user/group can access this context. This allows you to use one user/group database (specified in Realm) across a number of contexts, but only allow certain users/groups from that database to access this context.

                                  Syntax

                                  Syntax is compatible with Apache's Require directive. For example:

                                  • user username [username ...]
                                    Only listed users can access this context.
                                  • group groupid [groupid ...]
                                    Only users belonging to the listed groups can access this context.
                                  If this setting is not specified, all valid users will be allowed to access this resource.

                                Access Allowed

                                Description

                                Specifies which IPs or sub-networks are allowed to access resources under this context. Together with Access Denied and server/virtual host level access control, accessibility is determined by the smallest scope that a client's IP address falls into.

                                Syntax

                                Comma-delimited list of IPs/sub-networks.

                                Example

                                Sub-networks can be written as 192.168.1.0/255.255.255.0, 192.168.1, or 192.168.1.*.

                                Access Denied

                                Description

                                Specifies which IPs or sub-networks are NOT allowed to access resources under this context. Together with Access Allowed and server/virtual host-level access control, accessibility is determined by the smallest scope that a client's IP address falls into.

                                Syntax

                                Comma-delimited list of IPs/sub-networks.

                                Example

                                Sub-networks can be written as 192.168.1.0/255.255.255.0, 192.168.1, or 192.168.1.*.
                                -

                                Authorizer

                                Description

                                Specifies an external application that can be used to generate authorized/unauthorized decisions. Currently, only the FastCGI Authorizer is available. For more details about the FastCGI Authorizer role, please visit http://www.fastcgi.com.

                                Syntax

                                Select from drop down list

                                +

                                Authorizer

                                Description

                                Specifies an external application that can be used to generate authorized/unauthorized decisions. Currently, only the FastCGI Authorizer is available. For more details about the FastCGI Authorizer role, please visit https://fastcgi-archives.github.io/ .

                                Syntax

                                Select from drop down list

                                Add Default Charset

                                Description

                                Specifies whether to add a character set tag to the "Content-Type" response header, when content type is either "text/html" or "text/plain" without any parameters. When set to Off, this function is disabled. When set to On, either the character set specified by Customized Default Charset or the default "iso-8859-1" will be added.

                                Syntax

                                Select from radio box

                                Customized Default Charset

                                Description

                                Specifies a character set to be used when Add Default Charset is On. This is optional. The default value is iso-8859-1. This entry has no effect when Add Default Charset is Off.

                                Syntax

                                Name of a character set.

                                Example

                                utf-8

                                Enable GeoLocation Lookup

                                Description

                                Specifies whether to enable/disable IP Geolocation lookup. Can be set at server, virtual host, or context level. IP Geolocation is disabled by default when using value "Not Set".

                                Syntax

                                Select from radio box

                                See Also

                                Use Client IP in Header, DB File Path,

                                diff --git a/dist/docs/Java_Web_App_Context.html b/dist/docs/Java_Web_App_Context.html index e267111c4..197fe6bf2 100644 --- a/dist/docs/Java_Web_App_Context.html +++ b/dist/docs/Java_Web_App_Context.html @@ -17,7 +17,7 @@

                                OpenLiteSpeed Web Server Users' Manual

                                -

                                Version 1.7  — Rev. 28

                                +

                                Version 1.7  — Rev. 29

                                  @@ -114,7 +114,7 @@

                                  Java Web App Context

                                  Table of Contents

                                  Require (Authorized Users/Groups)

                                  Description

                                  Specifies which user/group can access this context. This allows you to use one user/group database (specified in Realm) across a number of contexts, but only allow certain users/groups from that database to access this context.

                                  Syntax

                                  Syntax is compatible with Apache's Require directive. For example:

                                  • user username [username ...]
                                    Only listed users can access this context.
                                  • group groupid [groupid ...]
                                    Only users belonging to the listed groups can access this context.
                                  If this setting is not specified, all valid users will be allowed to access this resource.

                                Access Allowed

                                Description

                                Specifies which IPs or sub-networks are allowed to access resources under this context. Together with Access Denied and server/virtual host level access control, accessibility is determined by the smallest scope that a client's IP address falls into.

                                Syntax

                                Comma-delimited list of IPs/sub-networks.

                                Example

                                Sub-networks can be written as 192.168.1.0/255.255.255.0, 192.168.1, or 192.168.1.*.

                                Access Denied

                                Description

                                Specifies which IPs or sub-networks are NOT allowed to access resources under this context. Together with Access Allowed and server/virtual host-level access control, accessibility is determined by the smallest scope that a client's IP address falls into.

                                Syntax

                                Comma-delimited list of IPs/sub-networks.

                                Example

                                Sub-networks can be written as 192.168.1.0/255.255.255.0, 192.168.1, or 192.168.1.*.
                                -

                                Authorizer

                                Description

                                Specifies an external application that can be used to generate authorized/unauthorized decisions. Currently, only the FastCGI Authorizer is available. For more details about the FastCGI Authorizer role, please visit http://www.fastcgi.com.

                                Syntax

                                Select from drop down list

                                +

                                Authorizer

                                Description

                                Specifies an external application that can be used to generate authorized/unauthorized decisions. Currently, only the FastCGI Authorizer is available. For more details about the FastCGI Authorizer role, please visit https://fastcgi-archives.github.io/ .

                                Syntax

                                Select from drop down list

                                Add Default Charset

                                Description

                                Specifies whether to add a character set tag to the "Content-Type" response header, when content type is either "text/html" or "text/plain" without any parameters. When set to Off, this function is disabled. When set to On, either the character set specified by Customized Default Charset or the default "iso-8859-1" will be added.

                                Syntax

                                Select from radio box

                                Customized Default Charset

                                Description

                                Specifies a character set to be used when Add Default Charset is On. This is optional. The default value is iso-8859-1. This entry has no effect when Add Default Charset is Off.

                                Syntax

                                Name of a character set.

                                Example

                                utf-8

                                Enable GeoLocation Lookup

                                Description

                                Specifies whether to enable/disable IP Geolocation lookup. Can be set at server, virtual host, or context level. IP Geolocation is disabled by default when using value "Not Set".

                                Syntax

                                Select from radio box

                                See Also

                                Use Client IP in Header, DB File Path,

                                diff --git a/dist/docs/LB_Context.html b/dist/docs/LB_Context.html index 7ff7c744d..c43185cb7 100644 --- a/dist/docs/LB_Context.html +++ b/dist/docs/LB_Context.html @@ -17,7 +17,7 @@

                                OpenLiteSpeed Web Server Users' Manual

                                -

                                Version 1.7  — Rev. 28

                                +

                                Version 1.7  — Rev. 29

                                  @@ -108,7 +108,7 @@

                                  Load Balancer Context

                                  Table of Contents

                                  Require (Authorized Users/Groups)

                                  Description

                                  Specifies which user/group can access this context. This allows you to use one user/group database (specified in Realm) across a number of contexts, but only allow certain users/groups from that database to access this context.

                                  Syntax

                                  Syntax is compatible with Apache's Require directive. For example:

                                  • user username [username ...]
                                    Only listed users can access this context.
                                  • group groupid [groupid ...]
                                    Only users belonging to the listed groups can access this context.
                                  If this setting is not specified, all valid users will be allowed to access this resource.

                                Access Allowed

                                Description

                                Specifies which IPs or sub-networks are allowed to access resources under this context. Together with Access Denied and server/virtual host level access control, accessibility is determined by the smallest scope that a client's IP address falls into.

                                Syntax

                                Comma-delimited list of IPs/sub-networks.

                                Example

                                Sub-networks can be written as 192.168.1.0/255.255.255.0, 192.168.1, or 192.168.1.*.

                                Access Denied

                                Description

                                Specifies which IPs or sub-networks are NOT allowed to access resources under this context. Together with Access Allowed and server/virtual host-level access control, accessibility is determined by the smallest scope that a client's IP address falls into.

                                Syntax

                                Comma-delimited list of IPs/sub-networks.

                                Example

                                Sub-networks can be written as 192.168.1.0/255.255.255.0, 192.168.1, or 192.168.1.*.
                                -

                                Authorizer

                                Description

                                Specifies an external application that can be used to generate authorized/unauthorized decisions. Currently, only the FastCGI Authorizer is available. For more details about the FastCGI Authorizer role, please visit http://www.fastcgi.com.

                                Syntax

                                Select from drop down list

                                +

                                Authorizer

                                Description

                                Specifies an external application that can be used to generate authorized/unauthorized decisions. Currently, only the FastCGI Authorizer is available. For more details about the FastCGI Authorizer role, please visit https://fastcgi-archives.github.io/ .

                                Syntax

                                Select from drop down list

                                Add Default Charset

                                Description

                                Specifies whether to add a character set tag to the "Content-Type" response header, when content type is either "text/html" or "text/plain" without any parameters. When set to Off, this function is disabled. When set to On, either the character set specified by Customized Default Charset or the default "iso-8859-1" will be added.

                                Syntax

                                Select from radio box

                                Customized Default Charset

                                Description

                                Specifies a character set to be used when Add Default Charset is On. This is optional. The default value is iso-8859-1. This entry has no effect when Add Default Charset is Off.

                                Syntax

                                Name of a character set.

                                Example

                                utf-8

                                Enable GeoLocation Lookup

                                Description

                                Specifies whether to enable/disable IP Geolocation lookup. Can be set at server, virtual host, or context level. IP Geolocation is disabled by default when using value "Not Set".

                                Syntax

                                Select from radio box

                                See Also

                                Use Client IP in Header, DB File Path,

                                diff --git a/dist/docs/LSAPI_Context.html b/dist/docs/LSAPI_Context.html index 1eeb10143..54912fe16 100644 --- a/dist/docs/LSAPI_Context.html +++ b/dist/docs/LSAPI_Context.html @@ -17,7 +17,7 @@

                                OpenLiteSpeed Web Server Users' Manual

                                -

                                Version 1.7  — Rev. 28

                                +

                                Version 1.7  — Rev. 29

                                  @@ -108,7 +108,7 @@

                                  LiteSpeed SAPI Context

                                  Table of Contents

                                  Require (Authorized Users/Groups)

                                  Description

                                  Specifies which user/group can access this context. This allows you to use one user/group database (specified in Realm) across a number of contexts, but only allow certain users/groups from that database to access this context.

                                  Syntax

                                  Syntax is compatible with Apache's Require directive. For example:

                                  • user username [username ...]
                                    Only listed users can access this context.
                                  • group groupid [groupid ...]
                                    Only users belonging to the listed groups can access this context.
                                  If this setting is not specified, all valid users will be allowed to access this resource.

                                Access Allowed

                                Description

                                Specifies which IPs or sub-networks are allowed to access resources under this context. Together with Access Denied and server/virtual host level access control, accessibility is determined by the smallest scope that a client's IP address falls into.

                                Syntax

                                Comma-delimited list of IPs/sub-networks.

                                Example

                                Sub-networks can be written as 192.168.1.0/255.255.255.0, 192.168.1, or 192.168.1.*.

                                Access Denied

                                Description

                                Specifies which IPs or sub-networks are NOT allowed to access resources under this context. Together with Access Allowed and server/virtual host-level access control, accessibility is determined by the smallest scope that a client's IP address falls into.

                                Syntax

                                Comma-delimited list of IPs/sub-networks.

                                Example

                                Sub-networks can be written as 192.168.1.0/255.255.255.0, 192.168.1, or 192.168.1.*.
                                -

                                Authorizer

                                Description

                                Specifies an external application that can be used to generate authorized/unauthorized decisions. Currently, only the FastCGI Authorizer is available. For more details about the FastCGI Authorizer role, please visit http://www.fastcgi.com.

                                Syntax

                                Select from drop down list

                                +

                                Authorizer

                                Description

                                Specifies an external application that can be used to generate authorized/unauthorized decisions. Currently, only the FastCGI Authorizer is available. For more details about the FastCGI Authorizer role, please visit https://fastcgi-archives.github.io/ .

                                Syntax

                                Select from drop down list

                                Add Default Charset

                                Description

                                Specifies whether to add a character set tag to the "Content-Type" response header, when content type is either "text/html" or "text/plain" without any parameters. When set to Off, this function is disabled. When set to On, either the character set specified by Customized Default Charset or the default "iso-8859-1" will be added.

                                Syntax

                                Select from radio box

                                Customized Default Charset

                                Description

                                Specifies a character set to be used when Add Default Charset is On. This is optional. The default value is iso-8859-1. This entry has no effect when Add Default Charset is Off.

                                Syntax

                                Name of a character set.

                                Example

                                utf-8

                                Enable GeoLocation Lookup

                                Description

                                Specifies whether to enable/disable IP Geolocation lookup. Can be set at server, virtual host, or context level. IP Geolocation is disabled by default when using value "Not Set".

                                Syntax

                                Select from radio box

                                See Also

                                Use Client IP in Header, DB File Path,

                                diff --git a/dist/docs/Listeners_General_Help.html b/dist/docs/Listeners_General_Help.html index faec6393c..a32f85ea4 100644 --- a/dist/docs/Listeners_General_Help.html +++ b/dist/docs/Listeners_General_Help.html @@ -17,7 +17,7 @@

                                OpenLiteSpeed Web Server Users' Manual

                                -

                                Version 1.7  — Rev. 28

                                +

                                Version 1.7  — Rev. 29

                                  diff --git a/dist/docs/Listeners_SSL_Help.html b/dist/docs/Listeners_SSL_Help.html index d958f0c6a..05b289a5b 100644 --- a/dist/docs/Listeners_SSL_Help.html +++ b/dist/docs/Listeners_SSL_Help.html @@ -17,7 +17,7 @@

                                  OpenLiteSpeed Web Server Users' Manual

                                  -

                                  Version 1.7  — Rev. 28

                                  +

                                  Version 1.7  — Rev. 29

                                    @@ -123,7 +123,7 @@

                                    Listeners SSL

                                    Table of Contents

                                    Enable Session Tickets

                                    Description

                                    Enables session tickets using OpenSSL's default session ticket setting. Server-level setting must be set to "Yes" for Virtual Host setting to take effect.

                                    Default values:
                                    Server-level: Yes
                                    VH-Level: Yes

                                    Syntax

                                    Select from radio box

                                  ALPN

                                  Description

                                  Selectively enable HTTP/3, HTTP/2, and SPDY HTTP network protocols.

                                  If you wish to disable SPDY, HTTP/2, and HTTP3, check "None" and leave all other boxes unchecked.

                                  Default value: All enabled

                                  Syntax

                                  Select from checkbox

                                  Tips

                                  This setting can be set at the listener and virtual host levels.

                                  Open HTTP3/QUIC (UDP) port

                                  Description

                                  Allows the use of the HTTP3/QUIC network protocol for virtual hosts mapped to this listener. For this setting to take effect, Enable HTTP3/QUIC must also be set to Yes at the server level. Default value is Yes.

                                  Tips

                                  When this setting is set to Yes, HTTP3/QUIC can still be disabled at the virtual host level through the Enable HTTP3/QUIC setting.

                                  -

                                  OCSP Stapling

                                  Description

                                  Online Certificate Status Protocol (OCSP) is a more efficient method of checking whether a digital certificate is valid. It works by communicating with another server — the OCSP responder — to get verification that the certificate is valid instead of checking through certificate revocation lists (CRL).

                                  OCSP stapling is a further improvement on this protocol, allowing the server to check with the OCSP responder at regular intervals instead of every time a certificate is requested. See the OCSP Wikipedia page for more details.

                                  +

                                  OCSP Stapling

                                  Description

                                  Online Certificate Status Protocol (OCSP) is a more efficient method of checking whether a digital certificate is valid. It works by communicating with another server — the OCSP responder — to get verification that the certificate is valid instead of checking through certificate revocation lists (CRL).

                                  OCSP stapling is a further improvement on this protocol, allowing the server to check with the OCSP responder at regular intervals instead of every time a certificate is requested. See the OCSP Wikipedia page for more details.

                                  Enable OCSP Stapling

                                  Description

                                  Determines whether to enable OCSP stapling, a more efficient way of verifying public key certificates.

                                  Syntax

                                  Select from radio box

                                  OCSP Response Max Age (secs)

                                  Description

                                  This option sets the maximum allowable age for an OCSP response. If an OCSP response is older than this maximum age, the server will contact the OCSP responder for a new response. The default value is 86400. Maximum age can be turned off by setting this value to -1.

                                  Syntax

                                  Integer of seconds

                                  OCSP Responder

                                  Description

                                  Specifies the URL of the OCSP responder to be used. If not set, the server will attempt to contact the OCSP responder detailed in the certificate authority's issuer certificate. Some issuer certificates may not have an OCSP responder URL specified.

                                  Syntax

                                  URL starting with http://

                                  Example

                                  http://rapidssl-ocsp.geotrust.com
                                  diff --git a/dist/docs/Module_Context.html b/dist/docs/Module_Context.html index ea871995b..707d01d5e 100644 --- a/dist/docs/Module_Context.html +++ b/dist/docs/Module_Context.html @@ -17,7 +17,7 @@

                                  OpenLiteSpeed Web Server Users' Manual

                                  -

                                  Version 1.7  — Rev. 28

                                  +

                                  Version 1.7  — Rev. 29

                                    @@ -108,7 +108,7 @@

                                    Module Handler Context

                                    Table of Contents

                                    Require (Authorized Users/Groups)

                                    Description

                                    Specifies which user/group can access this context. This allows you to use one user/group database (specified in Realm) across a number of contexts, but only allow certain users/groups from that database to access this context.

                                    Syntax

                                    Syntax is compatible with Apache's Require directive. For example:

                                    • user username [username ...]
                                      Only listed users can access this context.
                                    • group groupid [groupid ...]
                                      Only users belonging to the listed groups can access this context.
                                    If this setting is not specified, all valid users will be allowed to access this resource.

                                  Access Allowed

                                  Description

                                  Specifies which IPs or sub-networks are allowed to access resources under this context. Together with Access Denied and server/virtual host level access control, accessibility is determined by the smallest scope that a client's IP address falls into.

                                  Syntax

                                  Comma-delimited list of IPs/sub-networks.

                                  Example

                                  Sub-networks can be written as 192.168.1.0/255.255.255.0, 192.168.1, or 192.168.1.*.

                                  Access Denied

                                  Description

                                  Specifies which IPs or sub-networks are NOT allowed to access resources under this context. Together with Access Allowed and server/virtual host-level access control, accessibility is determined by the smallest scope that a client's IP address falls into.

                                  Syntax

                                  Comma-delimited list of IPs/sub-networks.

                                  Example

                                  Sub-networks can be written as 192.168.1.0/255.255.255.0, 192.168.1, or 192.168.1.*.
                                  -

                                  Authorizer

                                  Description

                                  Specifies an external application that can be used to generate authorized/unauthorized decisions. Currently, only the FastCGI Authorizer is available. For more details about the FastCGI Authorizer role, please visit http://www.fastcgi.com.

                                  Syntax

                                  Select from drop down list

                                  +

                                  Authorizer

                                  Description

                                  Specifies an external application that can be used to generate authorized/unauthorized decisions. Currently, only the FastCGI Authorizer is available. For more details about the FastCGI Authorizer role, please visit https://fastcgi-archives.github.io/ .

                                  Syntax

                                  Select from drop down list

                                  Add Default Charset

                                  Description

                                  Specifies whether to add a character set tag to the "Content-Type" response header, when content type is either "text/html" or "text/plain" without any parameters. When set to Off, this function is disabled. When set to On, either the character set specified by Customized Default Charset or the default "iso-8859-1" will be added.

                                  Syntax

                                  Select from radio box

                                  Customized Default Charset

                                  Description

                                  Specifies a character set to be used when Add Default Charset is On. This is optional. The default value is iso-8859-1. This entry has no effect when Add Default Charset is Off.

                                  Syntax

                                  Name of a character set.

                                  Example

                                  utf-8

                                  Enable GeoLocation Lookup

                                  Description

                                  Specifies whether to enable/disable IP Geolocation lookup. Can be set at server, virtual host, or context level. IP Geolocation is disabled by default when using value "Not Set".

                                  Syntax

                                  Select from radio box

                                  See Also

                                  Use Client IP in Header, DB File Path,

                                  diff --git a/dist/docs/Module_Help.html b/dist/docs/Module_Help.html index a5646a4c8..fd170c02e 100644 --- a/dist/docs/Module_Help.html +++ b/dist/docs/Module_Help.html @@ -17,7 +17,7 @@

                                  OpenLiteSpeed Web Server Users' Manual

                                  -

                                  Version 1.7  — Rev. 28

                                  +

                                  Version 1.7  — Rev. 29

                                    diff --git a/dist/docs/Proxy_Context.html b/dist/docs/Proxy_Context.html index 3ce4549b8..2170bd5e5 100644 --- a/dist/docs/Proxy_Context.html +++ b/dist/docs/Proxy_Context.html @@ -17,7 +17,7 @@

                                    OpenLiteSpeed Web Server Users' Manual

                                    -

                                    Version 1.7  — Rev. 28

                                    +

                                    Version 1.7  — Rev. 29

                                      @@ -108,7 +108,7 @@

                                      Proxy Context

                                      Table of Contents

                                      Require (Authorized Users/Groups)

                                      Description

                                      Specifies which user/group can access this context. This allows you to use one user/group database (specified in Realm) across a number of contexts, but only allow certain users/groups from that database to access this context.

                                      Syntax

                                      Syntax is compatible with Apache's Require directive. For example:

                                      • user username [username ...]
                                        Only listed users can access this context.
                                      • group groupid [groupid ...]
                                        Only users belonging to the listed groups can access this context.
                                      If this setting is not specified, all valid users will be allowed to access this resource.

                                    Access Allowed

                                    Description

                                    Specifies which IPs or sub-networks are allowed to access resources under this context. Together with Access Denied and server/virtual host level access control, accessibility is determined by the smallest scope that a client's IP address falls into.

                                    Syntax

                                    Comma-delimited list of IPs/sub-networks.

                                    Example

                                    Sub-networks can be written as 192.168.1.0/255.255.255.0, 192.168.1, or 192.168.1.*.

                                    Access Denied

                                    Description

                                    Specifies which IPs or sub-networks are NOT allowed to access resources under this context. Together with Access Allowed and server/virtual host-level access control, accessibility is determined by the smallest scope that a client's IP address falls into.

                                    Syntax

                                    Comma-delimited list of IPs/sub-networks.

                                    Example

                                    Sub-networks can be written as 192.168.1.0/255.255.255.0, 192.168.1, or 192.168.1.*.
                                    -

                                    Authorizer

                                    Description

                                    Specifies an external application that can be used to generate authorized/unauthorized decisions. Currently, only the FastCGI Authorizer is available. For more details about the FastCGI Authorizer role, please visit http://www.fastcgi.com.

                                    Syntax

                                    Select from drop down list

                                    +

                                    Authorizer

                                    Description

                                    Specifies an external application that can be used to generate authorized/unauthorized decisions. Currently, only the FastCGI Authorizer is available. For more details about the FastCGI Authorizer role, please visit https://fastcgi-archives.github.io/ .

                                    Syntax

                                    Select from drop down list

                                    Add Default Charset

                                    Description

                                    Specifies whether to add a character set tag to the "Content-Type" response header, when content type is either "text/html" or "text/plain" without any parameters. When set to Off, this function is disabled. When set to On, either the character set specified by Customized Default Charset or the default "iso-8859-1" will be added.

                                    Syntax

                                    Select from radio box

                                    Customized Default Charset

                                    Description

                                    Specifies a character set to be used when Add Default Charset is On. This is optional. The default value is iso-8859-1. This entry has no effect when Add Default Charset is Off.

                                    Syntax

                                    Name of a character set.

                                    Example

                                    utf-8

                                    Enable GeoLocation Lookup

                                    Description

                                    Specifies whether to enable/disable IP Geolocation lookup. Can be set at server, virtual host, or context level. IP Geolocation is disabled by default when using value "Not Set".

                                    Syntax

                                    Select from radio box

                                    See Also

                                    Use Client IP in Header, DB File Path,

                                    diff --git a/dist/docs/Redirect_Context.html b/dist/docs/Redirect_Context.html index f01cbcb78..d0e544ce7 100644 --- a/dist/docs/Redirect_Context.html +++ b/dist/docs/Redirect_Context.html @@ -17,7 +17,7 @@

                                    OpenLiteSpeed Web Server Users' Manual

                                    -

                                    Version 1.7  — Rev. 28

                                    +

                                    Version 1.7  — Rev. 29

                                      @@ -110,7 +110,7 @@

                                      Redirect Context

                                      Table of Contents

                                      Require (Authorized Users/Groups)

                                      Description

                                      Specifies which user/group can access this context. This allows you to use one user/group database (specified in Realm) across a number of contexts, but only allow certain users/groups from that database to access this context.

                                      Syntax

                                      Syntax is compatible with Apache's Require directive. For example:

                                      • user username [username ...]
                                        Only listed users can access this context.
                                      • group groupid [groupid ...]
                                        Only users belonging to the listed groups can access this context.
                                      If this setting is not specified, all valid users will be allowed to access this resource.

                                    Access Allowed

                                    Description

                                    Specifies which IPs or sub-networks are allowed to access resources under this context. Together with Access Denied and server/virtual host level access control, accessibility is determined by the smallest scope that a client's IP address falls into.

                                    Syntax

                                    Comma-delimited list of IPs/sub-networks.

                                    Example

                                    Sub-networks can be written as 192.168.1.0/255.255.255.0, 192.168.1, or 192.168.1.*.

                                    Access Denied

                                    Description

                                    Specifies which IPs or sub-networks are NOT allowed to access resources under this context. Together with Access Allowed and server/virtual host-level access control, accessibility is determined by the smallest scope that a client's IP address falls into.

                                    Syntax

                                    Comma-delimited list of IPs/sub-networks.

                                    Example

                                    Sub-networks can be written as 192.168.1.0/255.255.255.0, 192.168.1, or 192.168.1.*.
                                    -

                                    Authorizer

                                    Description

                                    Specifies an external application that can be used to generate authorized/unauthorized decisions. Currently, only the FastCGI Authorizer is available. For more details about the FastCGI Authorizer role, please visit http://www.fastcgi.com.

                                    Syntax

                                    Select from drop down list

                                    +

                                    Authorizer

                                    Description

                                    Specifies an external application that can be used to generate authorized/unauthorized decisions. Currently, only the FastCGI Authorizer is available. For more details about the FastCGI Authorizer role, please visit https://fastcgi-archives.github.io/ .

                                    Syntax

                                    Select from drop down list

                diff --git a/dist/docs/Rewrite_Help.html b/dist/docs/Rewrite_Help.html index 7beaf9421..ef5ec32ea 100644 --- a/dist/docs/Rewrite_Help.html +++ b/dist/docs/Rewrite_Help.html @@ -17,7 +17,7 @@

                OpenLiteSpeed Web Server Users' Manual

                -

                Version 1.7  — Rev. 28

                +

                Version 1.7  — Rev. 29

                  @@ -108,7 +108,7 @@

                  Rewrite

                  Table of Contents

                  Log Level

                  Description

                  Specifies the level of detail of the rewrite engine's debug output. This value ranges from 0 - 9. 0 disables logging. 9 produces the most detailed log. The server and virtual host's error log Log Level must be set to at least INFO for this option to take effect. This is useful when testing rewrite rules.

                  Syntax

                  Integer number

                  See Also

                  Server Log Level, Virtual Host Log Level

                Name

                Description

                Specifies a unique name for the rewrite map at the virtual host level. This name will be used by a mapping-reference in rewrite rules. When referencing this name, one of the following syntaxes should be used:

                $\{MapName:LookupKey\}
                $\{MapName:LookupKey|DefaultValue\}

                The implementation of LiteSpeed's rewrite engine follows the specifications of Apache's rewrite engine. For more details about rewrite maps, please refer to Apache's mod_rewrite document.

                Syntax

                string

                Location

                Description

                Specifies the location of the rewrite map using the syntax MapType:MapSource.
                LiteSpeed's rewrite engine supports three types of rewrite maps:

                • Standard Plain Text
                  MapType: txt;
                  MapSource: file path to a valid plain ASCII file.
                  Each line of this file should contain two elements separated by blank spaces. The first element is the key and the second element is the value. Comments can be added with a leading "#" sign.
                • Randomized Plain Text
                  MapType: rnd;
                  MapSource: file path of a valid plain ASCII file.
                  File format is similar to the Standard Plain Text file, except that the second element can contain multiple choices separated by a "|" sign and chosen randomly by the rewrite engine.
                • Internal Function
                  MapType: int;
                  MapSource: Internal string function
                  4 functions are available:
                  • toupper: converts lookup key to upper cases.
                  • tolower: converts lookup key to lower cases.
                  • escape: perform URL encoding on lookup key.
                  • unescape: perform URL decoding on lookup key.
                  • The following map types available in Apache have not been implemented in LiteSpeed:
                  Hash File and External Rewriting Program.
                The implementation of LiteSpeed's rewrite engine follows the specifications of Apache's rewrite engine. For more details about rewrite map, please refer to Apache's mod_rewrite document.

                Syntax

                String

                -

                Rewrite Rules

                Description

                Specifies a list of rewrite rules at the virtual host level.

                Do NOT add any document root level rewrite rules here. If you have any document root level rewrite rules from .htaccess, you should instead create a static context with uri "/" and add the rewrite rules there.

                A rewrite rule is comprised of one RewriteRule directive and optionally preceded by multiple RewriteCond directives.

                • Each directive should take only one line.
                • RewriteCond and RewriteRule follow Apache's rewrite directive syntax. Just copy and paste rewrite directives from your Apache configuration files.
                • There are minor differences between LiteSpeed and Apache mod_rewrite implementation:
                  • %\{LA-U:variable\} and %\{LA-F:variable\} are ignored by the LiteSpeed rewrite engine
                  • Two new server variables are added in the LiteSpeed rewrite engine: %\{CURRENT_URI\} represents the current URI being processed by the rewrite engine and %\{SCRIPT_NAME\} has the same meaning as the corresponding CGI environment variable.
                  • The LiteSpeed rewrite engine will stop processing rewrite rules after encountering an [L] flag to avoid looping while Apache mod_rewrite will stop processing rewrite rules for the current iteration only. This behavior is similar to that of the [END] flag in Apache mod_rewrite.

                The implementation of LiteSpeed's rewrite engine follows Apache's rewrite engine specifications. For more details about rewrite rules, please refer to Apache's mod_rewrite document and Apache's URL rewriting guide .

                Syntax

                string

                +

                Rewrite Rules

                Description

                Specifies a list of rewrite rules at the virtual host level.

                Do NOT add any document root level rewrite rules here. If you have any document root level rewrite rules from .htaccess, you should instead create a static context with uri "/" and add the rewrite rules there.

                A rewrite rule is comprised of one RewriteRule directive and optionally preceded by multiple RewriteCond directives.

                • Each directive should take only one line.
                • RewriteCond and RewriteRule follow Apache's rewrite directive syntax. Just copy and paste rewrite directives from your Apache configuration files.
                • There are minor differences between LiteSpeed and Apache mod_rewrite implementation:
                  • %\{LA-U:variable\} and %\{LA-F:variable\} are ignored by the LiteSpeed rewrite engine
                  • Two new server variables are added in the LiteSpeed rewrite engine: %\{CURRENT_URI\} represents the current URI being processed by the rewrite engine and %\{SCRIPT_NAME\} has the same meaning as the corresponding CGI environment variable.
                  • The LiteSpeed rewrite engine will stop processing rewrite rules after encountering an [L] flag to avoid looping while Apache mod_rewrite will stop processing rewrite rules for the current iteration only. This behavior is similar to that of the [END] flag in Apache mod_rewrite.

                The implementation of LiteSpeed's rewrite engine follows Apache's rewrite engine specifications. For more details about rewrite rules, please refer to Apache's mod_rewrite document and Apache's URL rewriting guide .

                Syntax

                string

              diff --git a/dist/docs/ScriptHandler_Help.html b/dist/docs/ScriptHandler_Help.html index 6eb222dfa..4f92e9d16 100644 --- a/dist/docs/ScriptHandler_Help.html +++ b/dist/docs/ScriptHandler_Help.html @@ -17,7 +17,7 @@

              OpenLiteSpeed Web Server Users' Manual

              -

              Version 1.7  — Rev. 28

              +

              Version 1.7  — Rev. 29

                diff --git a/dist/docs/ServGeneral_Help.html b/dist/docs/ServGeneral_Help.html index 4c64f87e4..35578d4a2 100644 --- a/dist/docs/ServGeneral_Help.html +++ b/dist/docs/ServGeneral_Help.html @@ -17,7 +17,7 @@

                OpenLiteSpeed Web Server Users' Manual

                -

                Version 1.7  — Rev. 28

                +

                Version 1.7  — Rev. 29

                  @@ -122,7 +122,7 @@

                  Table of Contents

                  Running As

                  Description

                  Specifies the user/group that the server process runs as. This is set using the parameters "--with-user" and "--with-group" when running the configure command before installation. To reset these values, you must rerun the configure command and reinstall.

                  Apply

                  Reinstall required.

                  Tips

                  Server should not run as a privileged user such as "root". It is critical that the server is configured to run with a un-privileged user/group combination that does not have login/shell access. A user/group of nobody is generally a good choice.

                Priority

                Description

                Specifies priority of the server processes. Value ranges from -20 to 20. A lower number means higher priority.

                Syntax

                Integer number

                Tips

                Usually a higher priority leads to slightly higher web performance on a busy server. Do not set priority higher than that of database processes.

                See Also

                External App Priority, CGI Priority

                CPU Affinity

                Description

                CPU affinity binds a process to one or more CPUs (cores). It is beneficial for a process to always use the same CPU because then the process can make use of data left in CPU cache. If the process moves to a different CPU, there is no use of CPU cache and unnecessary overhead is required.

                The CPU Affinity setting controls how many CPUs (cores) one server process will be associated with. The minimum value is 0, which will disable this feature. The maximum value is the number of cores the server has. Generally, 1 is the best setting because because it creates the strictest use of CPU affinity and thus makes the most use of CPU cache.

                Default value: 0

                Syntax

                Integer value from 0 to 64. (0 will disable this feature)

                Apply

                Reinstall required.

                -

                Cloud-Linux

                Description

                Specifies whether to enable CloudLinux's Lightweight Virtual Environment (LVE) when it exists. You can use LiteSpeed with LVE to achieve better resource management. For more information, please check http://www.cloudlinux.com.

                Syntax

                Select from drop down list

                +

                Cloud-Linux

                Description

                Specifies whether to enable CloudLinux's Lightweight Virtual Environment (LVE) when it exists. You can use LiteSpeed with LVE to achieve better resource management. For more information, please check http://www.cloudlinux.com.

                Syntax

                Select from drop down list

                Max I/O Buffer Size

                Description

                Specifies the maximum buffer size that is used to store a request body and its dynamically generated response. When this limit is reached, the server will start to create temporary swapping files under Swapping Directory.

                Syntax

                Integer number

                Tips

                Set the buffer size large enough to accommodate all concurrent requests/replies to avoid memory to disk swapping. If there is frequent I/O activity to the swap directoy, by default /tmp/lshttpd/swap/, this buffer size is too low and LiteSpeed is swapping to disk.

                See Also

                Swapping Directory

                Swapping Directory

                Description

                Specifies the directory where the swapping files should be placed. When the server is started in chroot mode, this directory is relative to the new root directory, otherwise it is relative to the real root directory.

                The server uses its own virtual memory to reduce system memory usage. Virtual memory and disk swapping are used to store large request bodies and dynamically generated responses. The swapping directory should be placed on a disk with enough space.

                Default value: /tmp/lshttpd/swap

                Syntax

                Absolute path

                Tips

                Place the swapping directory on a separate disk or increase Max I/O Buffer Size to eliminate swapping.

                See Also

                Max I/O Buffer Size

                Auto Fix 503 Error

                Description

                Specifies whether to try to fix the "503 Service Unavailable" error by restarting the server gracefully. A "503" error is usually caused by malfunctioning external applications and a web server restart can often fix the error temporarily. If enabled, the server will restart automatically whenever there are more than 30 "503" errors within a 30 seconds span. This feature is enabled by default.

                Syntax

                Select from radio box

                diff --git a/dist/docs/ServLog_Help.html b/dist/docs/ServLog_Help.html index 22c4cbe65..57973116d 100644 --- a/dist/docs/ServLog_Help.html +++ b/dist/docs/ServLog_Help.html @@ -17,7 +17,7 @@

                OpenLiteSpeed Web Server Users' Manual

                -

                Version 1.7  — Rev. 28

                +

                Version 1.7  — Rev. 29

                  diff --git a/dist/docs/ServSecurity_Help.html b/dist/docs/ServSecurity_Help.html index de0cef90d..66c11d725 100644 --- a/dist/docs/ServSecurity_Help.html +++ b/dist/docs/ServSecurity_Help.html @@ -17,7 +17,7 @@

                  OpenLiteSpeed Web Server Users' Manual

                  -

                  Version 1.7  — Rev. 28

                  +

                  Version 1.7  — Rev. 29

                    @@ -153,8 +153,8 @@

                    Server Security

                    Table of Contents

                    Bot White List

                    Description

                    List of custom user agents to allow access. Will be subject to the ‘good bots’ limitations, including allowedRobotHits.

                    Syntax

                    List of user agents, one per line. Regex is supported.

                    Connection Limit

                    Description

                    The number of concurrent connections (SSL & non-SSL) needed to activate reCAPTCHA. reCAPTCHA will be used until concurrent connections drop below this number.

                    Default value is 15000.

                    Syntax

                    Integer number

                    SSL Connection Limit

                    Description

                    The number of concurrent SSL connections needed to activate reCAPTCHA. reCAPTCHA will be used until concurrent connections drop below this number.

                    Default value is 10000.

                    Syntax

                    Integer number

                    -

                    Bubblewrap Container

                    Description

                    Set to On if you wish to start CGI processes (including PHP programs) in a bubblewrap sandbox. See https://wiki.archlinux.org/index.php/Bubblewrap for details on using bubblewrap. Bubblewrap must be installed on your system prior to using this setting.

                    This setting cannot be turned on at the Virtual Host level if set to "Disabled" at the Server level.

                    Default values:
                    Server level: Disabled
                    VH level: Inherit Server level setting

                    Syntax

                    Select from drop down list

                    -

                    Bubblewrap Command

                    Description

                    The full bubblewrap use command, including the bubblewrap program itself. More on configuring this command can be found here: https://openlitespeed.org/kb/bubblewrap-in-openlitespeed/ . If not specified, the default command listed below will be used.

                    Default value: /bin/bwrap --ro-bind /usr /usr --ro-bind /lib /lib --ro-bind-try /lib64 /lib64 --ro-bind /bin /bin --ro-bind /sbin /sbin --dir /var --dir /tmp --proc /proc --symlink ../tmp var/tmp --dev /dev --ro-bind-try /etc/localtime /etc/localtime --ro-bind-try /etc/ld.so.cache /etc/ld.so.cache --ro-bind-try /etc/resolv.conf /etc/resolv.conf --ro-bind-try /etc/ssl /etc/ssl --ro-bind-try /etc/pki /etc/pki --ro-bind-try /etc/man_db.conf /etc/man_db.conf --ro-bind-try /home/$USER /home/$USER --bind-try /var/lib/mysql/mysql.sock /var/lib/mysql/mysql.sock --bind-try /home/mysql/mysql.sock /home/mysql/mysql.sock --bind-try /tmp/mysql.sock /tmp/mysql.sock --unshare-all --share-net --die-with-parent --dir /run/user/$UID ‘$PASSWD 65534’ ‘$GROUP 65534’

                    +

                    Bubblewrap Container

                    Description

                    Set to On if you wish to start CGI processes (including PHP programs) in a bubblewrap sandbox. See https://wiki.archlinux.org/title/Bubblewrap for details on using bubblewrap. Bubblewrap must be installed on your system prior to using this setting.

                    This setting cannot be turned on at the Virtual Host level if set to "Disabled" at the Server level.

                    Default values:
                    Server level: Disabled
                    VH level: Inherit Server level setting

                    Syntax

                    Select from drop down list

                    +

                    Bubblewrap Command

                    Description

                    The full bubblewrap use command, including the bubblewrap program itself. More on configuring this command can be found here: https://openlitespeed.org/kb/bubblewrap-in-openlitespeed/ . If not specified, the default command listed below will be used.

                    Default value: /bin/bwrap --ro-bind /usr /usr --ro-bind /lib /lib --ro-bind-try /lib64 /lib64 --ro-bind /bin /bin --ro-bind /sbin /sbin --dir /var --dir /tmp --proc /proc --symlink ../tmp var/tmp --dev /dev --ro-bind-try /etc/localtime /etc/localtime --ro-bind-try /etc/ld.so.cache /etc/ld.so.cache --ro-bind-try /etc/resolv.conf /etc/resolv.conf --ro-bind-try /etc/ssl /etc/ssl --ro-bind-try /etc/pki /etc/pki --ro-bind-try /etc/man_db.conf /etc/man_db.conf --ro-bind-try /home/$USER /home/$USER --bind-try /var/lib/mysql/mysql.sock /var/lib/mysql/mysql.sock --bind-try /home/mysql/mysql.sock /home/mysql/mysql.sock --bind-try /tmp/mysql.sock /tmp/mysql.sock --unshare-all --share-net --die-with-parent --dir /run/user/$UID ‘$PASSWD 65534’ ‘$GROUP 65534’

                    Access Denied Directories

                    Description

                    Specifies directories that should be blocked from access. Add directories that contain sensitive data to this list to prevent accidentally exposing sensitive files to clients. Append a "*" to the path to include all sub-directories. If both Follow Symbolic Link and Check Symbolic Link are enabled, symbolic links will be checked against the denied directories.

                    Syntax

                    Comma-delimited list of directories

                    Tips

                    Of critical importance: This setting only prevents serving static files from these directories. This does not prevent exposure by external scripts such as PHP/Ruby/CGI.

                    Access Control

                    Description

                    Specifies what sub networks and/or IP addresses can access the server. At the server level, this setting will affect all virtual hosts. You can also set up access control unique to each virtual host at the virtual host level. Virtual host level settings will NOT override server level settings.

                    Blocking/Allowing an IP is determined by the combination of the allowed list and the denied list. If you want to block only certain IPs or sub-networks, put * or ALL in the Allowed List and list the blocked IPs or sub-networks in the Denied List. If you want to allow only certain IPs or sub-networks, put * or ALL in the Denied List and list the allowed IPs or sub-networks in the Allowed List. The setting of the smallest scope that fits for an IP will be used to determine access.

                    Server Level: Trusted IPs or sub-networks must be specified in the Allowed List by adding a trailing "T". Trusted IPs or sub-networks are not affected by connection/throttling limits. Only server level access control can set up trusted IPs/sub-networks.

                    Tips

                    Use this at the server level for general restrictions that apply to all virtual hosts.

                    Allowed List

                    Description

                    Specifies the list of IPs or sub-networks allowed. * or ALL are accepted.

                    Syntax

                    Comma delimited list of IP addresses or sub-networks. A trailing "T" can be used to indicate a trusted IP or sub-network, such as 192.168.1.*T.

                    Example

                    Sub-networks: 192.168.1.0/255.255.255.0, 192.168.1.0/24, 192.168.1, or 192.168.1.*
                    IPv6 addresses: ::1 or [::1]
                    IPv6 subnets: 3ffe:302:11:2:20f:1fff:fe29:717c/64 or [3ffe:302:11:2:20f:1fff:fe29:717c]/64

                    Tips

                    Trusted IPs or sub-networks set at the server level access control will be excluded from connection/throttling limits.

                    diff --git a/dist/docs/ServTuning_Help.html b/dist/docs/ServTuning_Help.html index f827c34a8..1c26ef3d3 100644 --- a/dist/docs/ServTuning_Help.html +++ b/dist/docs/ServTuning_Help.html @@ -17,7 +17,7 @@

                    OpenLiteSpeed Web Server Users' Manual

                    -

                    Version 1.7  — Rev. 28

                    +

                    Version 1.7  — Rev. 29

                      @@ -161,7 +161,7 @@

                      Server Tuning

                      Table of Contents

                      Max Concurrent Streams Per Connection

                      Description

                      The maximum number of concurrent streams allowed per QUIC connection. Default value is 100.

                      Syntax

                      Integer number between 10 and 1000

                    Handshake Timeout

                    Description

                    The time in seconds a new QUIC connection is given to complete its handshake, after which the connection is aborted. Default value is 10.

                    Syntax

                    Integer number between 1 and 15

                    Idle Timeout

                    Description

                    The time in seconds after which an idle QUIC connection will be closed. Default value is 30.

                    Syntax

                    Integer number between 10 and 30

                    -

                    Enable DPLPMTUD

                    Description

                    Enable Datagram Packetization Layer Path Maximum Transmission Unit Discovery (DPLPMTUD).

                    Background on DPLPMTUD (RFC 8899)

                    Default value: Yes

                    Syntax

                    Select from radio box

                    +

                    Enable DPLPMTUD

                    Description

                    Enable Datagram Packetization Layer Path Maximum Transmission Unit Discovery (DPLPMTUD).

                    Background on DPLPMTUD (RFC 8899)

                    Default value: Yes

                    Syntax

                    Select from radio box

                    PLPMTU Base Value

                    Description

                    The maximum value of PLPMTU (maximum packet size without headers) in bytes that QUIC will use by default. Setting this to 0 will allow QUIC to pick the size.

                    This setting should be set lower than PLPMTU Max Value.

                    Default value: 0

                    Syntax

                    0 or integer number between 1200 and 65527

                    PLPMTU Max Value

                    Description

                    The PLPMTU (maximum packet size without headers) probe upper limit in bytes. This setting is used to limit the "maximum packet size" in the DPLPMTUD search space. Setting this to 0 will allow QUIC to pick the size (By default LSQUIC assumes that MTU is 1,500 bytes (Ethernet)).

                    This setting should be set higher than PLPMTU Base Value.
                    Default value: 0

                    Syntax

                    0 or integer number between 1200 and 65527

                    diff --git a/dist/docs/ServerStat_Help.html b/dist/docs/ServerStat_Help.html index c35dcfc86..264dccf00 100644 --- a/dist/docs/ServerStat_Help.html +++ b/dist/docs/ServerStat_Help.html @@ -17,7 +17,7 @@

                    OpenLiteSpeed Web Server Users' Manual

                    -

                    Version 1.7  — Rev. 28

                    +

                    Version 1.7  — Rev. 29

                      diff --git a/dist/docs/Servlet_Context.html b/dist/docs/Servlet_Context.html index 6f44ba22a..f7cbbee32 100644 --- a/dist/docs/Servlet_Context.html +++ b/dist/docs/Servlet_Context.html @@ -17,7 +17,7 @@

                      OpenLiteSpeed Web Server Users' Manual

                      -

                      Version 1.7  — Rev. 28

                      +

                      Version 1.7  — Rev. 29

                        @@ -108,7 +108,7 @@

                        Servlet Context

                        Table of Contents

                        Require (Authorized Users/Groups)

                        Description

                        Specifies which user/group can access this context. This allows you to use one user/group database (specified in Realm) across a number of contexts, but only allow certain users/groups from that database to access this context.

                        Syntax

                        Syntax is compatible with Apache's Require directive. For example:

                        • user username [username ...]
                          Only listed users can access this context.
                        • group groupid [groupid ...]
                          Only users belonging to the listed groups can access this context.
                        If this setting is not specified, all valid users will be allowed to access this resource.

                        Access Allowed

                        Description

                        Specifies which IPs or sub-networks are allowed to access resources under this context. Together with Access Denied and server/virtual host level access control, accessibility is determined by the smallest scope that a client's IP address falls into.

                        Syntax

                        Comma-delimited list of IPs/sub-networks.

                        Example

                        Sub-networks can be written as 192.168.1.0/255.255.255.0, 192.168.1, or 192.168.1.*.

                        Access Denied

                        Description

                        Specifies which IPs or sub-networks are NOT allowed to access resources under this context. Together with Access Allowed and server/virtual host-level access control, accessibility is determined by the smallest scope that a client's IP address falls into.

                        Syntax

                        Comma-delimited list of IPs/sub-networks.

                        Example

                        Sub-networks can be written as 192.168.1.0/255.255.255.0, 192.168.1, or 192.168.1.*.
                        -

                        Authorizer

                        Description

                        Specifies an external application that can be used to generate authorized/unauthorized decisions. Currently, only the FastCGI Authorizer is available. For more details about the FastCGI Authorizer role, please visit http://www.fastcgi.com.

                        Syntax

                        Select from drop down list

                        +

                        Authorizer

                        Description

                        Specifies an external application that can be used to generate authorized/unauthorized decisions. Currently, only the FastCGI Authorizer is available. For more details about the FastCGI Authorizer role, please visit https://fastcgi-archives.github.io/ .

                        Syntax

                        Select from drop down list

                        Add Default Charset

                        Description

                        Specifies whether to add a character set tag to the "Content-Type" response header, when content type is either "text/html" or "text/plain" without any parameters. When set to Off, this function is disabled. When set to On, either the character set specified by Customized Default Charset or the default "iso-8859-1" will be added.

                        Syntax

                        Select from radio box

                        Customized Default Charset

                        Description

                        Specifies a character set to be used when Add Default Charset is On. This is optional. The default value is iso-8859-1. This entry has no effect when Add Default Charset is Off.

                        Syntax

                        Name of a character set.

                        Example

                        utf-8

                        Enable GeoLocation Lookup

                        Description

                        Specifies whether to enable/disable IP Geolocation lookup. Can be set at server, virtual host, or context level. IP Geolocation is disabled by default when using value "Not Set".

                        Syntax

                        Select from radio box

                        See Also

                        Use Client IP in Header, DB File Path,

                        diff --git a/dist/docs/Static_Context.html b/dist/docs/Static_Context.html index 38c5110de..ea0628f48 100644 --- a/dist/docs/Static_Context.html +++ b/dist/docs/Static_Context.html @@ -17,7 +17,7 @@

                        OpenLiteSpeed Web Server Users' Manual

                        -

                        Version 1.7  — Rev. 28

                        +

                        Version 1.7  — Rev. 29

                          @@ -117,13 +117,13 @@

                          Static Context

                          Table of Contents

                          <

                          Require (Authorized Users/Groups)

                          Description

                          Specifies which user/group can access this context. This allows you to use one user/group database (specified in Realm) across a number of contexts, but only allow certain users/groups from that database to access this context.

                          Syntax

                          Syntax is compatible with Apache's Require directive. For example:

                          • user username [username ...]
                            Only listed users can access this context.
                          • group groupid [groupid ...]
                            Only users belonging to the listed groups can access this context.
                          If this setting is not specified, all valid users will be allowed to access this resource.

                          Access Allowed

                          Description

                          Specifies which IPs or sub-networks are allowed to access resources under this context. Together with Access Denied and server/virtual host level access control, accessibility is determined by the smallest scope that a client's IP address falls into.

                          Syntax

                          Comma-delimited list of IPs/sub-networks.

                          Example

                          Sub-networks can be written as 192.168.1.0/255.255.255.0, 192.168.1, or 192.168.1.*.

                          Access Denied

                          Description

                          Specifies which IPs or sub-networks are NOT allowed to access resources under this context. Together with Access Allowed and server/virtual host-level access control, accessibility is determined by the smallest scope that a client's IP address falls into.

                          Syntax

                          Comma-delimited list of IPs/sub-networks.

                          Example

                          Sub-networks can be written as 192.168.1.0/255.255.255.0, 192.168.1, or 192.168.1.*.
                          -

                          Authorizer

                          Description

                          Specifies an external application that can be used to generate authorized/unauthorized decisions. Currently, only the FastCGI Authorizer is available. For more details about the FastCGI Authorizer role, please visit http://www.fastcgi.com.

                          Syntax

                          Select from drop down list

                          +

                          Authorizer

                          Description

                          Specifies an external application that can be used to generate authorized/unauthorized decisions. Currently, only the FastCGI Authorizer is available. For more details about the FastCGI Authorizer role, please visit https://fastcgi-archives.github.io/ .

                          Syntax

                          Select from drop down list

                          Add Default Charset

                          Description

                          Specifies whether to add a character set tag to the "Content-Type" response header, when content type is either "text/html" or "text/plain" without any parameters. When set to Off, this function is disabled. When set to On, either the character set specified by Customized Default Charset or the default "iso-8859-1" will be added.

                          Syntax

                          Select from radio box

                          Customized Default Charset

                          Description

                          Specifies a character set to be used when Add Default Charset is On. This is optional. The default value is iso-8859-1. This entry has no effect when Add Default Charset is Off.

                          Syntax

                          Name of a character set.

                          Example

                          utf-8

                          Enable Rewrite

                          Description

                          Specifies whether to enable LiteSpeed's URL rewrite engine. This option can be customized at the virtual host or context level, and is inherited along the directory tree until it is explicitly overridden.

                          Syntax

                          Select from radio box

                          Rewrite Inherit

                          Description

                          Specifies whether to inherit rewrite rules from parent contexts. If rewrite is enabled and not inherited, rewrite base and rewrite rules defined in this context will be used.

                          Syntax

                          Select from radio box

                          Rewrite Base

                          Description

                          Specifies the base URL for rewrite rules.

                          Syntax

                          URL

                          -

                          Rewrite Rules

                          Description

                          Specifies a list of rewrite rules at the virtual host level.

                          Do NOT add any document root level rewrite rules here. If you have any document root level rewrite rules from .htaccess, you should instead create a static context with uri "/" and add the rewrite rules there.

                          A rewrite rule is comprised of one RewriteRule directive and optionally preceded by multiple RewriteCond directives.

                          • Each directive should take only one line.
                          • RewriteCond and RewriteRule follow Apache's rewrite directive syntax. Just copy and paste rewrite directives from your Apache configuration files.
                          • There are minor differences between LiteSpeed and Apache mod_rewrite implementation:
                            • %\{LA-U:variable\} and %\{LA-F:variable\} are ignored by the LiteSpeed rewrite engine
                            • Two new server variables are added in the LiteSpeed rewrite engine: %\{CURRENT_URI\} represents the current URI being processed by the rewrite engine and %\{SCRIPT_NAME\} has the same meaning as the corresponding CGI environment variable.
                            • The LiteSpeed rewrite engine will stop processing rewrite rules after encountering an [L] flag to avoid looping while Apache mod_rewrite will stop processing rewrite rules for the current iteration only. This behavior is similar to that of the [END] flag in Apache mod_rewrite.

                          The implementation of LiteSpeed's rewrite engine follows Apache's rewrite engine specifications. For more details about rewrite rules, please refer to Apache's mod_rewrite document and Apache's URL rewriting guide .

                          Syntax

                          string

                          +

                          Rewrite Rules

                          Description

                          Specifies a list of rewrite rules at the virtual host level.

                          Do NOT add any document root level rewrite rules here. If you have any document root level rewrite rules from .htaccess, you should instead create a static context with uri "/" and add the rewrite rules there.

                          A rewrite rule is comprised of one RewriteRule directive and optionally preceded by multiple RewriteCond directives.

                          • Each directive should take only one line.
                          • RewriteCond and RewriteRule follow Apache's rewrite directive syntax. Just copy and paste rewrite directives from your Apache configuration files.
                          • There are minor differences between LiteSpeed and Apache mod_rewrite implementation:
                            • %\{LA-U:variable\} and %\{LA-F:variable\} are ignored by the LiteSpeed rewrite engine
                            • Two new server variables are added in the LiteSpeed rewrite engine: %\{CURRENT_URI\} represents the current URI being processed by the rewrite engine and %\{SCRIPT_NAME\} has the same meaning as the corresponding CGI environment variable.
                            • The LiteSpeed rewrite engine will stop processing rewrite rules after encountering an [L] flag to avoid looping while Apache mod_rewrite will stop processing rewrite rules for the current iteration only. This behavior is similar to that of the [END] flag in Apache mod_rewrite.

                          The implementation of LiteSpeed's rewrite engine follows Apache's rewrite engine specifications. For more details about rewrite rules, please refer to Apache's mod_rewrite document and Apache's URL rewriting guide .

                          Syntax

                          string

                          Enable GeoLocation Lookup

                          Description

                          Specifies whether to enable/disable IP Geolocation lookup. Can be set at server, virtual host, or context level. IP Geolocation is disabled by default when using value "Not Set".

                          Syntax

                          Select from radio box

                          See Also

                          Use Client IP in Header, DB File Path,

                          php.ini Override

                          Description

                          Used to overwrite php.ini settings in the current context (Virtual Host level or Context level).

                          Supported directives are:
                          php_value
                          php_flag
                          php_admin_value
                          php_admin_flag

                          All other lines/directives will be ignored.

                          Syntax

                          Override syntax is similar to Apache, a newline separated list of directives and their values with each directive being prepended by php_value, php_flag, php_admin_value, or php_admin_flag appropriately.

                          Example

                          php_value include_path ".:/usr/local/lib/php"
                          php_admin_flag engine on
                          php_admin_value open_basedir "/home"
                          diff --git a/dist/docs/Templates_Help.html b/dist/docs/Templates_Help.html index 6083f5455..ce84a0fc8 100644 --- a/dist/docs/Templates_Help.html +++ b/dist/docs/Templates_Help.html @@ -17,7 +17,7 @@

                          OpenLiteSpeed Web Server Users' Manual

                          -

                          Version 1.7  — Rev. 28

                          +

                          Version 1.7  — Rev. 29

                            diff --git a/dist/docs/VHGeneral_Help.html b/dist/docs/VHGeneral_Help.html index c2fc189ae..bef8c82f3 100644 --- a/dist/docs/VHGeneral_Help.html +++ b/dist/docs/VHGeneral_Help.html @@ -17,7 +17,7 @@

                            OpenLiteSpeed Web Server Users' Manual

                            -

                            Version 1.7  — Rev. 28

                            +

                            Version 1.7  — Rev. 29

                              diff --git a/dist/docs/VHSSL_Help.html b/dist/docs/VHSSL_Help.html index 3462b040e..c376f84de 100644 --- a/dist/docs/VHSSL_Help.html +++ b/dist/docs/VHSSL_Help.html @@ -17,7 +17,7 @@

                              OpenLiteSpeed Web Server Users' Manual

                              -

                              Version 1.7  — Rev. 28

                              +

                              Version 1.7  — Rev. 29

                                @@ -123,7 +123,7 @@

                                Virtual Host SSL

                                Table of Contents

                                Enable Session Tickets

                                Description

                                Enables session tickets using OpenSSL's default session ticket setting. Server-level setting must be set to "Yes" for Virtual Host setting to take effect.

                                Default values:
                                Server-level: Yes
                                VH-Level: Yes

                                Syntax

                                Select from radio box

                              ALPN

                              Description

                              Selectively enable HTTP/3, HTTP/2, and SPDY HTTP network protocols.

                              If you wish to disable SPDY, HTTP/2, and HTTP3, check "None" and leave all other boxes unchecked.

                              Default value: All enabled

                              Syntax

                              Select from checkbox

                              Tips

                              This setting can be set at the listener and virtual host levels.

                              Enable HTTP3/QUIC

                              Description

                              Enables the HTTP3/QUIC network protocol for this virtual host. For this setting to take effect, both Enable HTTP3/QUIC and Open HTTP3/QUIC (UDP) port must also be set to Yes at the server and listener levels respectively. Default value is Yes.

                              Syntax

                              Select from radio box

                              Tips

                              When this setting is set to No, the HTTP3/QUIC advertisement will no longer be sent. If a browser still contains cached HTTP3/QUIC information and HTTP3/QUIC is still enabled at the server and listener levels, an HTTP3/QUIC connection will continue to be used until this information is no longer cached or an HTTP3/QUIC protocol error is encountered.

                              -

                              OCSP Stapling

                              Description

                              Online Certificate Status Protocol (OCSP) is a more efficient method of checking whether a digital certificate is valid. It works by communicating with another server — the OCSP responder — to get verification that the certificate is valid instead of checking through certificate revocation lists (CRL).

                              OCSP stapling is a further improvement on this protocol, allowing the server to check with the OCSP responder at regular intervals instead of every time a certificate is requested. See the OCSP Wikipedia page for more details.

                              +

                              OCSP Stapling

                              Description

                              Online Certificate Status Protocol (OCSP) is a more efficient method of checking whether a digital certificate is valid. It works by communicating with another server — the OCSP responder — to get verification that the certificate is valid instead of checking through certificate revocation lists (CRL).

                              OCSP stapling is a further improvement on this protocol, allowing the server to check with the OCSP responder at regular intervals instead of every time a certificate is requested. See the OCSP Wikipedia page for more details.

                              Enable OCSP Stapling

                              Description

                              Determines whether to enable OCSP stapling, a more efficient way of verifying public key certificates.

                              Syntax

                              Select from radio box

                              OCSP Response Max Age (secs)

                              Description

                              This option sets the maximum allowable age for an OCSP response. If an OCSP response is older than this maximum age, the server will contact the OCSP responder for a new response. The default value is 86400. Maximum age can be turned off by setting this value to -1.

                              Syntax

                              Integer of seconds

                              OCSP Responder

                              Description

                              Specifies the URL of the OCSP responder to be used. If not set, the server will attempt to contact the OCSP responder detailed in the certificate authority's issuer certificate. Some issuer certificates may not have an OCSP responder URL specified.

                              Syntax

                              URL starting with http://

                              Example

                              http://rapidssl-ocsp.geotrust.com
                              diff --git a/dist/docs/VHSecurity_Help.html b/dist/docs/VHSecurity_Help.html index a5a3311ef..d0c922742 100644 --- a/dist/docs/VHSecurity_Help.html +++ b/dist/docs/VHSecurity_Help.html @@ -17,7 +17,7 @@

                              OpenLiteSpeed Web Server Users' Manual

                              -

                              Version 1.7  — Rev. 28

                              +

                              Version 1.7  — Rev. 29

                                @@ -112,7 +112,7 @@

                                Virtual Host Security

                                Table of Contents

                                reCAPTCHA Type

                                Description

                                Specify the reCAPTCHA type to use with the key pairs. If a key pair has not been provided and this setting is set to Not Set, a default key pair of type Invisible will be used.
                                Checkbox will display a checkbox reCAPTCHA for the visitor to validate.
                                Invisible will attempt to validate the reCAPTCHA automatically and if successful, will redirect to the desired page.

                                Default value is Invisible.

                                Syntax

                                Select from drop down list

                              Max Tries

                              Description

                              Max Tries specifies the maximum number of reCAPTCHA attempts permitted before denying the visitor.

                              Default value is 3.

                              Syntax

                              Integer number

                              Concurrent Request Limit

                              Description

                              The number of concurrent requests needed to activate reCAPTCHA. reCAPTCHA will be used until concurrent requests drop below this number.

                              Default value is 15000.

                              Syntax

                              Integer number

                              -

                              Bubblewrap Container

                              Description

                              Set to On if you wish to start CGI processes (including PHP programs) in a bubblewrap sandbox. See https://wiki.archlinux.org/index.php/Bubblewrap for details on using bubblewrap. Bubblewrap must be installed on your system prior to using this setting.

                              This setting cannot be turned on at the Virtual Host level if set to "Disabled" at the Server level.

                              Default values:
                              Server level: Disabled
                              VH level: Inherit Server level setting

                              Syntax

                              Select from drop down list

                              +

                              Bubblewrap Container

                              Description

                              Set to On if you wish to start CGI processes (including PHP programs) in a bubblewrap sandbox. See https://wiki.archlinux.org/title/Bubblewrap for details on using bubblewrap. Bubblewrap must be installed on your system prior to using this setting.

                              This setting cannot be turned on at the Virtual Host level if set to "Disabled" at the Server level.

                              Default values:
                              Server level: Disabled
                              VH level: Inherit Server level setting

                              Syntax

                              Select from drop down list

                              Access Control

                              Description

                              Specifies what sub networks and/or IP addresses can access the server. At the server level, this setting will affect all virtual hosts. You can also set up access control unique to each virtual host at the virtual host level. Virtual host level settings will NOT override server level settings.

                              Blocking/Allowing an IP is determined by the combination of the allowed list and the denied list. If you want to block only certain IPs or sub-networks, put * or ALL in the Allowed List and list the blocked IPs or sub-networks in the Denied List. If you want to allow only certain IPs or sub-networks, put * or ALL in the Denied List and list the allowed IPs or sub-networks in the Allowed List. The setting of the smallest scope that fits for an IP will be used to determine access.

                              Server Level: Trusted IPs or sub-networks must be specified in the Allowed List by adding a trailing "T". Trusted IPs or sub-networks are not affected by connection/throttling limits. Only server level access control can set up trusted IPs/sub-networks.

                              Tips

                              Use this at the server level for general restrictions that apply to all virtual hosts.

                              Allowed List

                              Description

                              Specifies the list of IPs or sub-networks allowed. * or ALL are accepted.

                              Syntax

                              Comma delimited list of IP addresses or sub-networks. A trailing "T" can be used to indicate a trusted IP or sub-network, such as 192.168.1.*T.

                              Example

                              Sub-networks: 192.168.1.0/255.255.255.0, 192.168.1.0/24, 192.168.1, or 192.168.1.*
                              IPv6 addresses: ::1 or [::1]
                              IPv6 subnets: 3ffe:302:11:2:20f:1fff:fe29:717c/64 or [3ffe:302:11:2:20f:1fff:fe29:717c]/64

                              Tips

                              Trusted IPs or sub-networks set at the server level access control will be excluded from connection/throttling limits.

                              Denied List

                              Description

                              Specifies the list of IPs or sub-networks disallowed.

                              Syntax

                              Comma delimited list of IP addresses or sub-networks. * or ALL are accepted.

                              Example

                              Sub-networks: 192.168.1.0/255.255.255.0, 192.168.1.0/24, 192.168.1, or 192.168.1.*
                              IPv6 addresses: ::1 or [::1]
                              IPv6 subnets: 3ffe:302:11:2:20f:1fff:fe29:717c/64 or [3ffe:302:11:2:20f:1fff:fe29:717c]/64
                              diff --git a/dist/docs/VHWebSocket_Help.html b/dist/docs/VHWebSocket_Help.html index fe078b694..a94a8e804 100644 --- a/dist/docs/VHWebSocket_Help.html +++ b/dist/docs/VHWebSocket_Help.html @@ -17,7 +17,7 @@

                              OpenLiteSpeed Web Server Users' Manual

                              -

                              Version 1.7  — Rev. 28

                              +

                              Version 1.7  — Rev. 29

                                diff --git a/dist/docs/VirtualHosts_Help.html b/dist/docs/VirtualHosts_Help.html index 96dcececc..8d71b53be 100644 --- a/dist/docs/VirtualHosts_Help.html +++ b/dist/docs/VirtualHosts_Help.html @@ -17,7 +17,7 @@

                                OpenLiteSpeed Web Server Users' Manual

                                -

                                Version 1.7  — Rev. 28

                                +

                                Version 1.7  — Rev. 29

                                  diff --git a/dist/docs/admin.html b/dist/docs/admin.html index 80e1e82fc..2f758a035 100644 --- a/dist/docs/admin.html +++ b/dist/docs/admin.html @@ -17,7 +17,7 @@

                                  OpenLiteSpeed Web Server Users' Manual

                                  -

                                  Version 1.7  — Rev. 28

                                  +

                                  Version 1.7  — Rev. 29

                                    diff --git a/dist/docs/config.html b/dist/docs/config.html index 9a517e83d..3878ab7ef 100644 --- a/dist/docs/config.html +++ b/dist/docs/config.html @@ -17,7 +17,7 @@

                                    OpenLiteSpeed Web Server Users' Manual

                                    -

                                    Version 1.7  — Rev. 28

                                    +

                                    Version 1.7  — Rev. 29

                                      diff --git a/dist/docs/index.html b/dist/docs/index.html index 4ef4020a5..49c715585 100644 --- a/dist/docs/index.html +++ b/dist/docs/index.html @@ -17,7 +17,7 @@

                                      OpenLiteSpeed Web Server Users' Manual

                                      -

                                      Version 1.7  — Rev. 28

                                      +

                                      Version 1.7  — Rev. 29

                                        @@ -102,7 +102,7 @@



                                        Users' Manual

                                        - — Rev. 28 + — Rev. 29

                                        diff --git a/dist/docs/install.html b/dist/docs/install.html index d13317a1e..42eddc1c1 100644 --- a/dist/docs/install.html +++ b/dist/docs/install.html @@ -17,7 +17,7 @@

                                        OpenLiteSpeed Web Server Users' Manual

                                        -

                                        Version 1.7  — Rev. 28

                                        +

                                        Version 1.7  — Rev. 29

                                          diff --git a/dist/docs/intro.html b/dist/docs/intro.html index 345a00b08..bee87d8c6 100644 --- a/dist/docs/intro.html +++ b/dist/docs/intro.html @@ -17,7 +17,7 @@

                                          OpenLiteSpeed Web Server Users' Manual

                                          -

                                          Version 1.7  — Rev. 28

                                          +

                                          Version 1.7  — Rev. 29

                                            diff --git a/dist/docs/ja-JP/AdminGeneral_Help.html b/dist/docs/ja-JP/AdminGeneral_Help.html index a63dbb196..c2d69f6b0 100644 --- a/dist/docs/ja-JP/AdminGeneral_Help.html +++ b/dist/docs/ja-JP/AdminGeneral_Help.html @@ -15,7 +15,7 @@ openlitespeed logo

                                            OpenLiteSpeed Web Server ユーザーズマニュアル

                                            -
                                            Version 1.4  — Rev. 3
                                            +
                                            Version 1.4  — Rev. 4
                                              diff --git a/dist/docs/ja-JP/AdminListeners_General_Help.html b/dist/docs/ja-JP/AdminListeners_General_Help.html index a3c7ad7a6..ce5057b6f 100644 --- a/dist/docs/ja-JP/AdminListeners_General_Help.html +++ b/dist/docs/ja-JP/AdminListeners_General_Help.html @@ -15,7 +15,7 @@ openlitespeed logo

                                              OpenLiteSpeed Web Server ユーザーズマニュアル

                                              -
                                              Version 1.4  — Rev. 3
                                              +
                                              Version 1.4  — Rev. 4
                                                diff --git a/dist/docs/ja-JP/AdminListeners_SSL_Help.html b/dist/docs/ja-JP/AdminListeners_SSL_Help.html index df81fc6a2..3e46d97ae 100644 --- a/dist/docs/ja-JP/AdminListeners_SSL_Help.html +++ b/dist/docs/ja-JP/AdminListeners_SSL_Help.html @@ -15,7 +15,7 @@ openlitespeed logo

                                                OpenLiteSpeed Web Server ユーザーズマニュアル

                                                -
                                                Version 1.4  — Rev. 3
                                                +
                                                Version 1.4  — Rev. 4
                                                  @@ -105,7 +105,7 @@

                                                  目次

                                                  説明

                                                  SSL再交渉保護を有効にするかどうかを指定します。 SSLハンドシェイクベースの攻撃に対して防御します。 デフォルト値は "Yes"です。

                                                  構文

                                                  ラジオボックスから選択

                                                  ヒント

                                                  This setting can be enabled at the listener and virtual host levels.

                                                セッションキャッシュを有効にする

                                                説明

                                                セッションIDキャッシングを有効にします。 「未設定」の場合、デフォルトは「いいえ」です。 (Opensslデフォルト)

                                                構文

                                                ラジオボックスから選択

                                                セッションチケットを有効にする

                                                説明

                                                セッションチケットを有効にします。 「未設定」の場合、サーバーはopenSSLのデフォルトチケットを使用します。

                                                構文

                                                ラジオボックスから選択

                                                -

                                                SPDY/HTTP2を有効にする

                                                説明

                                                HTTP/2とSPDYは、ページロード時間を短縮する目的で、HTTPネットワークプロトコルの新バージョンです。 より多くの情報はhttp://en.wikipedia.org/wiki/HTTP/2で見つけることができます。

                                                構文

                                                有効にするプロトコルを確認します。 すべてのボックスをチェックしないと、SPDYとHTTP/2のサポート(デフォルト)が有効になります。 SPDYとHTTP/2を無効にする場合は、「なし」のみをチェックし、その他のチェックボックスはすべてオフにします。

                                                ヒント

                                                This setting can be set at the listener and virtual host levels.

                                                +

                                                SPDY/HTTP2を有効にする

                                                説明

                                                HTTP/2とSPDYは、ページロード時間を短縮する目的で、HTTPネットワークプロトコルの新バージョンです。 より多くの情報は http://en.wikipedia.org/wiki/HTTP/2 で見つけることができます。

                                                構文

                                                有効にするプロトコルを確認します。 すべてのボックスをチェックしないと、SPDYとHTTP/2のサポート(デフォルト)が有効になります。 SPDYとHTTP/2を無効にする場合は、「なし」のみをチェックし、その他のチェックボックスはすべてオフにします。

                                                ヒント

                                                This setting can be set at the listener and virtual host levels.

                                                Open HTTP3/QUIC (UDP) port

                                                説明

                                                Allows the use of the HTTP3/QUIC network protocol for virtual hosts mapped to this listener. For this setting to take effect, Enable HTTP3/QUIC must also be set to Yes at the server level. Default value is Yes.

                                                ヒント

                                                When this setting is set to Yes, HTTP3/QUIC can still be disabled at the virtual host level through the Enable HTTP3/QUIC setting.

                                                クライアントの検証

                                                説明

                                                クライアント証明書認証のタイプを指定します。 使用できるタイプは次のとおりです:

                                                • None: クライアント証明書は必要ありません。
                                                • Optional: クライアント証明書はオプションです。
                                                • Require: クライアントには有効な証明書が必要です。
                                                • Optional_no_ca: オプションと同じです。
                                                デフォルトは "None"です。

                                                構文

                                                ドロップダウンリストから選択

                                                ヒント

                                                "None"または "Require"をお勧めします。

                                                検証の深さ

                                                説明

                                                クライアントに有効な証明書がないと判断する前に、証明書の検証の深さを指定します。 デフォルトは "1"です。

                                                構文

                                                ドロップダウンリストから選択

                                                diff --git a/dist/docs/ja-JP/AdminSecurity_Help.html b/dist/docs/ja-JP/AdminSecurity_Help.html index d25773da9..e20bee062 100644 --- a/dist/docs/ja-JP/AdminSecurity_Help.html +++ b/dist/docs/ja-JP/AdminSecurity_Help.html @@ -15,7 +15,7 @@ openlitespeed logo

                                                OpenLiteSpeed Web Server ユーザーズマニュアル

                                                -
                                                Version 1.4  — Rev. 3
                                                +
                                                Version 1.4  — Rev. 4
                                                  diff --git a/dist/docs/ja-JP/App_Server_Context.html b/dist/docs/ja-JP/App_Server_Context.html index 2f3531f68..8f6bc8964 100644 --- a/dist/docs/ja-JP/App_Server_Context.html +++ b/dist/docs/ja-JP/App_Server_Context.html @@ -15,7 +15,7 @@ openlitespeed logo

                                                  OpenLiteSpeed Web Server ユーザーズマニュアル

                                                  -
                                                  Version 1.4  — Rev. 3
                                                  +
                                                  Version 1.4  — Rev. 4
                                                    @@ -104,7 +104,7 @@

                                                    App Server Context

                                                    目次

                                                    必要(許可ユーザー/グループ)

                                                    説明

                                                    このコンテキストにアクセスできるユーザー/グループを指定します。 これにより、複数のコンテキストにわたって1つのユーザー/グループデータベース(レルムで指定)を使用できますが、そのデータベースの特定のユーザー/グループのみがこのコンテキストにアクセスできます。

                                                    構文

                                                    構文はApache Requireディレクティブと互換性があります。 例えば:

                                                    • user username [username ...]
                                                      リストされたユーザーだけがこのコンテキストにアクセスできます。
                                                    • group groupid [groupid ...]
                                                      リストされたグループに属するユーザーのみがこのコンテキストにアクセスできます。
                                                    この設定を指定しないと、すべての有効なユーザーがこのリソースにアクセスできます。

                                                  アクセス許可

                                                  説明

                                                  このコンテキストでリソースにアクセスできるIPまたはサブネットワークを指定します。 アクセス拒否とサーバー/バーチャルホスト・レベルのアクセス制御とともに、アクセシビリティは、クライアントのIPアドレスが入る最小の範囲によって決まります。

                                                  構文

                                                  IP/サブネットワークのカンマ区切りリスト。

                                                  サブネットワークは以下のように書くことができます 192.168.1.0/255.255.255.0, 192.168.1, 又は 192.168.1.*.

                                                  アクセス拒否

                                                  説明

                                                  このコンテキストでリソースにアクセスできないIPまたはサブネットワークを指定します。 アクセス許可とサーバー/バーチャルホストレベルのアクセス制御とともに、アクセシビリティはクライアントのIPアドレスが入る最小の範囲で決まります。

                                                  構文

                                                  IP/サブネットワークのカンマ区切りリスト。

                                                  サブネットワークは以下のように書くことができます 192.168.1.0/255.255.255.0, 192.168.1, 又は 192.168.1.*.
                                                  -

                                                  承認者

                                                  説明

                                                  権限のある/権限のないかの決定を生成するために使用できる外部アプリケーションを指定します。 現在、FastCGI Authorizerのみが使用可能です。 FastCGI Authorizerの役割の詳細については、http://www.fastcgi.comを参照してください。 。

                                                  構文

                                                  ドロップダウンリストから選択

                                                  +

                                                  承認者

                                                  説明

                                                  権限のある/権限のないかの決定を生成するために使用できる外部アプリケーションを指定します。 現在、FastCGI Authorizerのみが使用可能です。 FastCGI Authorizerの役割の詳細については、 https://fastcgi-archives.github.io/ を参照してください。 。

                                                  構文

                                                  ドロップダウンリストから選択

                                                  Rewriteを有効にする

                                                  説明

                                                  LiteSpeedのURL書き換えエンジンを有効にするかどうかを指定します。 このオプションは、バーチャルホストまたはコンテキストレベルでカスタマイズでき、明示的に上書きされるまでディレクトリツリーに沿って継承されます。

                                                  構文

                                                  ラジオボックスから選択

                                                  継承を書き直す

                                                  説明

                                                  親コンテキストから書き換えルールを継承するかどうかを指定します。 書き換えが有効で継承されていない場合は、このコンテキストで定義されている書き換えのベースルールと書き換えルールが使用されます。

                                                  構文

                                                  ラジオボックスから選択

                                                  書き換えベース

                                                  説明

                                                  書き換えルールのベースURLを指定します。

                                                  構文

                                                  URL

                                                  diff --git a/dist/docs/ja-JP/App_Server_Help.html b/dist/docs/ja-JP/App_Server_Help.html index ea0274332..d97fb21ad 100644 --- a/dist/docs/ja-JP/App_Server_Help.html +++ b/dist/docs/ja-JP/App_Server_Help.html @@ -15,7 +15,7 @@ openlitespeed logo

                                                  OpenLiteSpeed Web Server ユーザーズマニュアル

                                                  -
                                                  Version 1.4  — Rev. 3
                                                  +
                                                  Version 1.4  — Rev. 4
                                                    diff --git a/dist/docs/ja-JP/CGI_Context.html b/dist/docs/ja-JP/CGI_Context.html index 9a6e6423e..d08a0a900 100644 --- a/dist/docs/ja-JP/CGI_Context.html +++ b/dist/docs/ja-JP/CGI_Context.html @@ -15,7 +15,7 @@ openlitespeed logo

                                                    OpenLiteSpeed Web Server ユーザーズマニュアル

                                                    -
                                                    Version 1.4  — Rev. 3
                                                    +
                                                    Version 1.4  — Rev. 4
                                                      @@ -94,7 +94,7 @@

                                                      CGIコンテキスト

                                                      目次

                                                      必要(許可ユーザー/グループ)

                                                      説明

                                                      このコンテキストにアクセスできるユーザー/グループを指定します。 これにより、複数のコンテキストにわたって1つのユーザー/グループデータベース(レルムで指定)を使用できますが、そのデータベースの特定のユーザー/グループのみがこのコンテキストにアクセスできます。

                                                      構文

                                                      構文はApache Requireディレクティブと互換性があります。 例えば:

                                                      • user username [username ...]
                                                        リストされたユーザーだけがこのコンテキストにアクセスできます。
                                                      • group groupid [groupid ...]
                                                        リストされたグループに属するユーザーのみがこのコンテキストにアクセスできます。
                                                      この設定を指定しないと、すべての有効なユーザーがこのリソースにアクセスできます。

                                                    アクセス許可

                                                    説明

                                                    このコンテキストでリソースにアクセスできるIPまたはサブネットワークを指定します。 アクセス拒否とサーバー/バーチャルホスト・レベルのアクセス制御とともに、アクセシビリティは、クライアントのIPアドレスが入る最小の範囲によって決まります。

                                                    構文

                                                    IP/サブネットワークのカンマ区切りリスト。

                                                    サブネットワークは以下のように書くことができます 192.168.1.0/255.255.255.0, 192.168.1, 又は 192.168.1.*.

                                                    アクセス拒否

                                                    説明

                                                    このコンテキストでリソースにアクセスできないIPまたはサブネットワークを指定します。 アクセス許可とサーバー/バーチャルホストレベルのアクセス制御とともに、アクセシビリティはクライアントのIPアドレスが入る最小の範囲で決まります。

                                                    構文

                                                    IP/サブネットワークのカンマ区切りリスト。

                                                    サブネットワークは以下のように書くことができます 192.168.1.0/255.255.255.0, 192.168.1, 又は 192.168.1.*.
                                                    -

                                                    承認者

                                                    説明

                                                    権限のある/権限のないかの決定を生成するために使用できる外部アプリケーションを指定します。 現在、FastCGI Authorizerのみが使用可能です。 FastCGI Authorizerの役割の詳細については、http://www.fastcgi.comを参照してください。 。

                                                    構文

                                                    ドロップダウンリストから選択

                                                    +

                                                    承認者

                                                    説明

                                                    権限のある/権限のないかの決定を生成するために使用できる外部アプリケーションを指定します。 現在、FastCGI Authorizerのみが使用可能です。 FastCGI Authorizerの役割の詳細については、 https://fastcgi-archives.github.io/ を参照してください。 。

                                                    構文

                                                    ドロップダウンリストから選択

                                                    デフォルトの文字セットを追加

                                                    説明

                                                    コンテンツタイプが "text/html"または "text/plain"のいずれかのパラメータがない場合、文字セットタグを "Content-Type"レスポンスヘッダーに追加するかどうかを指定します。 Offに設定すると、この機能は無効になります。 Onに設定すると、カスタマイズされたデフォルトの文字セットで指定された文字セットまたはデフォルトの "iso-8859-1"のいずれかが追加されます。

                                                    構文

                                                    ラジオボックスから選択

                                                    Rewriteを有効にする

                                                    説明

                                                    LiteSpeedのURL書き換えエンジンを有効にするかどうかを指定します。 このオプションは、バーチャルホストまたはコンテキストレベルでカスタマイズでき、明示的に上書きされるまでディレクトリツリーに沿って継承されます。

                                                    構文

                                                    ラジオボックスから選択

                                                    diff --git a/dist/docs/ja-JP/CompilePHP_Help.html b/dist/docs/ja-JP/CompilePHP_Help.html index b4a8eb729..e3d00b7cc 100644 --- a/dist/docs/ja-JP/CompilePHP_Help.html +++ b/dist/docs/ja-JP/CompilePHP_Help.html @@ -15,7 +15,7 @@ openlitespeed logo

                                                    OpenLiteSpeed Web Server ユーザーズマニュアル

                                                    -
                                                    Version 1.4  — Rev. 3
                                                    +
                                                    Version 1.4  — Rev. 4
                                                      diff --git a/dist/docs/ja-JP/Context_Help.html b/dist/docs/ja-JP/Context_Help.html index 4c2d4f857..cf5081d26 100644 --- a/dist/docs/ja-JP/Context_Help.html +++ b/dist/docs/ja-JP/Context_Help.html @@ -15,7 +15,7 @@ openlitespeed logo

                                                      OpenLiteSpeed Web Server ユーザーズマニュアル

                                                      -
                                                      Version 1.4  — Rev. 3
                                                      +
                                                      Version 1.4  — Rev. 4
                                                        diff --git a/dist/docs/ja-JP/ExtApp_Help.html b/dist/docs/ja-JP/ExtApp_Help.html index 7ec66cac6..3267ca34b 100644 --- a/dist/docs/ja-JP/ExtApp_Help.html +++ b/dist/docs/ja-JP/ExtApp_Help.html @@ -15,7 +15,7 @@ openlitespeed logo

                                                        OpenLiteSpeed Web Server ユーザーズマニュアル

                                                        -
                                                        Version 1.4  — Rev. 3
                                                        +
                                                        Version 1.4  — Rev. 4
                                                          @@ -91,7 +91,11 @@

                                                          外部アプリケーション

                                                          L 各要求に対してCGIプロセスが開始され、要求終了後に終了します。
                                                        • FastCGIは、プロプライエタリなAPI(アプリケーションプログラミングインターフェイス)のオーバーヘッドと複雑さを導入することなく、CGIに内在するパフォーマンスの問題を解決する、高速でオープンで安全なWebサーバーインターフェイスです。 -詳細については、{ext-href}http://www.fastcgi.com{ext-href-end}http://www.fastcgi.com{ext-href-end-a}をご覧ください。 +詳細については、{ext-href} + https://fastcgi-archives.github.io/ +{ext-href-end} + https://fastcgi-archives.github.io/ +{ext-href-end-a}をご覧ください。 LiteSpeed Web Serverでは、FastCGIアプリケーションは動的応答の生成(応答者の役割)または要求の承認(承認者の役割)の2つの役割を果たすことができます。 LiteSpeed Web Serverは、ローカルFastCGIとリモートFastCGIの2種類のFastCGIアプリケーションをさらに定義します。 diff --git a/dist/docs/ja-JP/External_FCGI.html b/dist/docs/ja-JP/External_FCGI.html index ecf9aca51..561fc841c 100644 --- a/dist/docs/ja-JP/External_FCGI.html +++ b/dist/docs/ja-JP/External_FCGI.html @@ -15,7 +15,7 @@ openlitespeed logo

                                                          OpenLiteSpeed Web Server ユーザーズマニュアル

                                                          -
                                                          Version 1.4  — Rev. 3
                                                          +
                                                          Version 1.4  — Rev. 4
                                                            diff --git a/dist/docs/ja-JP/External_FCGI_Auth.html b/dist/docs/ja-JP/External_FCGI_Auth.html index 86f2b2d2d..b4fcce8e8 100644 --- a/dist/docs/ja-JP/External_FCGI_Auth.html +++ b/dist/docs/ja-JP/External_FCGI_Auth.html @@ -15,7 +15,7 @@ openlitespeed logo

                                                            OpenLiteSpeed Web Server ユーザーズマニュアル

                                                            -
                                                            Version 1.4  — Rev. 3
                                                            +
                                                            Version 1.4  — Rev. 4
                                                              diff --git a/dist/docs/ja-JP/External_LB.html b/dist/docs/ja-JP/External_LB.html index 76ce1460d..f5154fb36 100644 --- a/dist/docs/ja-JP/External_LB.html +++ b/dist/docs/ja-JP/External_LB.html @@ -15,7 +15,7 @@ openlitespeed logo

                                                              OpenLiteSpeed Web Server ユーザーズマニュアル

                                                              -
                                                              Version 1.4  — Rev. 3
                                                              +
                                                              Version 1.4  — Rev. 4
                                                                diff --git a/dist/docs/ja-JP/External_LSAPI.html b/dist/docs/ja-JP/External_LSAPI.html index 823af41b6..bcb0b4de4 100644 --- a/dist/docs/ja-JP/External_LSAPI.html +++ b/dist/docs/ja-JP/External_LSAPI.html @@ -15,7 +15,7 @@ openlitespeed logo

                                                                OpenLiteSpeed Web Server ユーザーズマニュアル

                                                                -
                                                                Version 1.4  — Rev. 3
                                                                +
                                                                Version 1.4  — Rev. 4
                                                                  diff --git a/dist/docs/ja-JP/External_PL.html b/dist/docs/ja-JP/External_PL.html index 23abb666c..19395b2b4 100644 --- a/dist/docs/ja-JP/External_PL.html +++ b/dist/docs/ja-JP/External_PL.html @@ -15,7 +15,7 @@ openlitespeed logo

                                                                  OpenLiteSpeed Web Server ユーザーズマニュアル

                                                                  -
                                                                  Version 1.4  — Rev. 3
                                                                  +
                                                                  Version 1.4  — Rev. 4
                                                                    diff --git a/dist/docs/ja-JP/External_Servlet.html b/dist/docs/ja-JP/External_Servlet.html index d041f7248..c702f2e92 100644 --- a/dist/docs/ja-JP/External_Servlet.html +++ b/dist/docs/ja-JP/External_Servlet.html @@ -15,7 +15,7 @@ openlitespeed logo

                                                                    OpenLiteSpeed Web Server ユーザーズマニュアル

                                                                    -
                                                                    Version 1.4  — Rev. 3
                                                                    +
                                                                    Version 1.4  — Rev. 4
                                                                      diff --git a/dist/docs/ja-JP/External_WS.html b/dist/docs/ja-JP/External_WS.html index 80c1cbccc..373f7fbf2 100644 --- a/dist/docs/ja-JP/External_WS.html +++ b/dist/docs/ja-JP/External_WS.html @@ -15,7 +15,7 @@ openlitespeed logo

                                                                      OpenLiteSpeed Web Server ユーザーズマニュアル

                                                                      -
                                                                      Version 1.4  — Rev. 3
                                                                      +
                                                                      Version 1.4  — Rev. 4
                                                                        diff --git a/dist/docs/ja-JP/FCGI_Context.html b/dist/docs/ja-JP/FCGI_Context.html index 35db3a4b1..229cbf8b8 100644 --- a/dist/docs/ja-JP/FCGI_Context.html +++ b/dist/docs/ja-JP/FCGI_Context.html @@ -15,7 +15,7 @@ openlitespeed logo

                                                                        OpenLiteSpeed Web Server ユーザーズマニュアル

                                                                        -
                                                                        Version 1.4  — Rev. 3
                                                                        +
                                                                        Version 1.4  — Rev. 4
                                                                          @@ -93,7 +93,7 @@

                                                                          Fast CGIコンテキスト

                                                                          目次

                                                                          必要(許可ユーザー/グループ)

                                                                          説明

                                                                          このコンテキストにアクセスできるユーザー/グループを指定します。 これにより、複数のコンテキストにわたって1つのユーザー/グループデータベース(レルムで指定)を使用できますが、そのデータベースの特定のユーザー/グループのみがこのコンテキストにアクセスできます。

                                                                          構文

                                                                          構文はApache Requireディレクティブと互換性があります。 例えば:

                                                                          • user username [username ...]
                                                                            リストされたユーザーだけがこのコンテキストにアクセスできます。
                                                                          • group groupid [groupid ...]
                                                                            リストされたグループに属するユーザーのみがこのコンテキストにアクセスできます。
                                                                          この設定を指定しないと、すべての有効なユーザーがこのリソースにアクセスできます。

                                                                          アクセス許可

                                                                          説明

                                                                          このコンテキストでリソースにアクセスできるIPまたはサブネットワークを指定します。 アクセス拒否とサーバー/バーチャルホスト・レベルのアクセス制御とともに、アクセシビリティは、クライアントのIPアドレスが入る最小の範囲によって決まります。

                                                                          構文

                                                                          IP/サブネットワークのカンマ区切りリスト。

                                                                          サブネットワークは以下のように書くことができます 192.168.1.0/255.255.255.0, 192.168.1, 又は 192.168.1.*.

                                                                          アクセス拒否

                                                                          説明

                                                                          このコンテキストでリソースにアクセスできないIPまたはサブネットワークを指定します。 アクセス許可とサーバー/バーチャルホストレベルのアクセス制御とともに、アクセシビリティはクライアントのIPアドレスが入る最小の範囲で決まります。

                                                                          構文

                                                                          IP/サブネットワークのカンマ区切りリスト。

                                                                          サブネットワークは以下のように書くことができます 192.168.1.0/255.255.255.0, 192.168.1, 又は 192.168.1.*.
                                                                          -

                                                                          承認者

                                                                          説明

                                                                          権限のある/権限のないかの決定を生成するために使用できる外部アプリケーションを指定します。 現在、FastCGI Authorizerのみが使用可能です。 FastCGI Authorizerの役割の詳細については、http://www.fastcgi.comを参照してください。 。

                                                                          構文

                                                                          ドロップダウンリストから選択

                                                                          +

                                                                          承認者

                                                                          説明

                                                                          権限のある/権限のないかの決定を生成するために使用できる外部アプリケーションを指定します。 現在、FastCGI Authorizerのみが使用可能です。 FastCGI Authorizerの役割の詳細については、 https://fastcgi-archives.github.io/ を参照してください。 。

                                                                          構文

                                                                          ドロップダウンリストから選択

                                                                          デフォルトの文字セットを追加

                                                                          説明

                                                                          コンテンツタイプが "text/html"または "text/plain"のいずれかのパラメータがない場合、文字セットタグを "Content-Type"レスポンスヘッダーに追加するかどうかを指定します。 Offに設定すると、この機能は無効になります。 Onに設定すると、カスタマイズされたデフォルトの文字セットで指定された文字セットまたはデフォルトの "iso-8859-1"のいずれかが追加されます。

                                                                          構文

                                                                          ラジオボックスから選択

                                                                          IPジオロケーションを有効にする

                                                                          説明

                                                                          IPジオロケーション検索を有効/無効にするかどうかを指定します。 サーバ、バーチャルホスト、コンテキストレベルで設定できます。 値 「未設定」を使用すると、IPジオロケーションはデフォルトで無効になります。

                                                                          構文

                                                                          ラジオボックスから選択

                                                                          参照

                                                                          ヘッダーにクライアントIPを使用する, DBファイルのパス,

                                                                          diff --git a/dist/docs/ja-JP/Java_Web_App_Context.html b/dist/docs/ja-JP/Java_Web_App_Context.html index 9a47b4085..4a269553f 100644 --- a/dist/docs/ja-JP/Java_Web_App_Context.html +++ b/dist/docs/ja-JP/Java_Web_App_Context.html @@ -15,7 +15,7 @@ openlitespeed logo

                                                                          OpenLiteSpeed Web Server ユーザーズマニュアル

                                                                          -
                                                                          Version 1.4  — Rev. 3
                                                                          +
                                                                          Version 1.4  — Rev. 4
                                                                            @@ -99,7 +99,7 @@

                                                                            Java Web アプリコンテキスト

                                                                            目次

                                                                            必要(許可ユーザー/グループ)

                                                                            説明

                                                                            このコンテキストにアクセスできるユーザー/グループを指定します。 これにより、複数のコンテキストにわたって1つのユーザー/グループデータベース(レルムで指定)を使用できますが、そのデータベースの特定のユーザー/グループのみがこのコンテキストにアクセスできます。

                                                                            構文

                                                                            構文はApache Requireディレクティブと互換性があります。 例えば:

                                                                            • user username [username ...]
                                                                              リストされたユーザーだけがこのコンテキストにアクセスできます。
                                                                            • group groupid [groupid ...]
                                                                              リストされたグループに属するユーザーのみがこのコンテキストにアクセスできます。
                                                                            この設定を指定しないと、すべての有効なユーザーがこのリソースにアクセスできます。

                                                                          アクセス許可

                                                                          説明

                                                                          このコンテキストでリソースにアクセスできるIPまたはサブネットワークを指定します。 アクセス拒否とサーバー/バーチャルホスト・レベルのアクセス制御とともに、アクセシビリティは、クライアントのIPアドレスが入る最小の範囲によって決まります。

                                                                          構文

                                                                          IP/サブネットワークのカンマ区切りリスト。

                                                                          サブネットワークは以下のように書くことができます 192.168.1.0/255.255.255.0, 192.168.1, 又は 192.168.1.*.

                                                                          アクセス拒否

                                                                          説明

                                                                          このコンテキストでリソースにアクセスできないIPまたはサブネットワークを指定します。 アクセス許可とサーバー/バーチャルホストレベルのアクセス制御とともに、アクセシビリティはクライアントのIPアドレスが入る最小の範囲で決まります。

                                                                          構文

                                                                          IP/サブネットワークのカンマ区切りリスト。

                                                                          サブネットワークは以下のように書くことができます 192.168.1.0/255.255.255.0, 192.168.1, 又は 192.168.1.*.
                                                                          -

                                                                          承認者

                                                                          説明

                                                                          権限のある/権限のないかの決定を生成するために使用できる外部アプリケーションを指定します。 現在、FastCGI Authorizerのみが使用可能です。 FastCGI Authorizerの役割の詳細については、http://www.fastcgi.comを参照してください。 。

                                                                          構文

                                                                          ドロップダウンリストから選択

                                                                          +

                                                                          承認者

                                                                          説明

                                                                          権限のある/権限のないかの決定を生成するために使用できる外部アプリケーションを指定します。 現在、FastCGI Authorizerのみが使用可能です。 FastCGI Authorizerの役割の詳細については、 https://fastcgi-archives.github.io/ を参照してください。 。

                                                                          構文

                                                                          ドロップダウンリストから選択

                                                                          デフォルトの文字セットを追加

                                                                          説明

                                                                          コンテンツタイプが "text/html"または "text/plain"のいずれかのパラメータがない場合、文字セットタグを "Content-Type"レスポンスヘッダーに追加するかどうかを指定します。 Offに設定すると、この機能は無効になります。 Onに設定すると、カスタマイズされたデフォルトの文字セットで指定された文字セットまたはデフォルトの "iso-8859-1"のいずれかが追加されます。

                                                                          構文

                                                                          ラジオボックスから選択

                                                                          IPジオロケーションを有効にする

                                                                          説明

                                                                          IPジオロケーション検索を有効/無効にするかどうかを指定します。 サーバ、バーチャルホスト、コンテキストレベルで設定できます。 値 「未設定」を使用すると、IPジオロケーションはデフォルトで無効になります。

                                                                          構文

                                                                          ラジオボックスから選択

                                                                          参照

                                                                          ヘッダーにクライアントIPを使用する, DBファイルのパス,

                                                                          diff --git a/dist/docs/ja-JP/LB_Context.html b/dist/docs/ja-JP/LB_Context.html index 287498624..e245303e5 100644 --- a/dist/docs/ja-JP/LB_Context.html +++ b/dist/docs/ja-JP/LB_Context.html @@ -15,7 +15,7 @@ openlitespeed logo

                                                                          OpenLiteSpeed Web Server ユーザーズマニュアル

                                                                          -
                                                                          Version 1.4  — Rev. 3
                                                                          +
                                                                          Version 1.4  — Rev. 4
                                                                            @@ -93,7 +93,7 @@

                                                                            ロードバランサコンテキスト

                                                                            目次

                                                                            必要(許可ユーザー/グループ)

                                                                            説明

                                                                            このコンテキストにアクセスできるユーザー/グループを指定します。 これにより、複数のコンテキストにわたって1つのユーザー/グループデータベース(レルムで指定)を使用できますが、そのデータベースの特定のユーザー/グループのみがこのコンテキストにアクセスできます。

                                                                            構文

                                                                            構文はApache Requireディレクティブと互換性があります。 例えば:

                                                                            • user username [username ...]
                                                                              リストされたユーザーだけがこのコンテキストにアクセスできます。
                                                                            • group groupid [groupid ...]
                                                                              リストされたグループに属するユーザーのみがこのコンテキストにアクセスできます。
                                                                            この設定を指定しないと、すべての有効なユーザーがこのリソースにアクセスできます。

                                                                          アクセス許可

                                                                          説明

                                                                          このコンテキストでリソースにアクセスできるIPまたはサブネットワークを指定します。 アクセス拒否とサーバー/バーチャルホスト・レベルのアクセス制御とともに、アクセシビリティは、クライアントのIPアドレスが入る最小の範囲によって決まります。

                                                                          構文

                                                                          IP/サブネットワークのカンマ区切りリスト。

                                                                          サブネットワークは以下のように書くことができます 192.168.1.0/255.255.255.0, 192.168.1, 又は 192.168.1.*.

                                                                          アクセス拒否

                                                                          説明

                                                                          このコンテキストでリソースにアクセスできないIPまたはサブネットワークを指定します。 アクセス許可とサーバー/バーチャルホストレベルのアクセス制御とともに、アクセシビリティはクライアントのIPアドレスが入る最小の範囲で決まります。

                                                                          構文

                                                                          IP/サブネットワークのカンマ区切りリスト。

                                                                          サブネットワークは以下のように書くことができます 192.168.1.0/255.255.255.0, 192.168.1, 又は 192.168.1.*.
                                                                          -

                                                                          承認者

                                                                          説明

                                                                          権限のある/権限のないかの決定を生成するために使用できる外部アプリケーションを指定します。 現在、FastCGI Authorizerのみが使用可能です。 FastCGI Authorizerの役割の詳細については、http://www.fastcgi.comを参照してください。 。

                                                                          構文

                                                                          ドロップダウンリストから選択

                                                                          +

                                                                          承認者

                                                                          説明

                                                                          権限のある/権限のないかの決定を生成するために使用できる外部アプリケーションを指定します。 現在、FastCGI Authorizerのみが使用可能です。 FastCGI Authorizerの役割の詳細については、 https://fastcgi-archives.github.io/ を参照してください。 。

                                                                          構文

                                                                          ドロップダウンリストから選択

                                                                          デフォルトの文字セットを追加

                                                                          説明

                                                                          コンテンツタイプが "text/html"または "text/plain"のいずれかのパラメータがない場合、文字セットタグを "Content-Type"レスポンスヘッダーに追加するかどうかを指定します。 Offに設定すると、この機能は無効になります。 Onに設定すると、カスタマイズされたデフォルトの文字セットで指定された文字セットまたはデフォルトの "iso-8859-1"のいずれかが追加されます。

                                                                          構文

                                                                          ラジオボックスから選択

                                                                          IPジオロケーションを有効にする

                                                                          説明

                                                                          IPジオロケーション検索を有効/無効にするかどうかを指定します。 サーバ、バーチャルホスト、コンテキストレベルで設定できます。 値 「未設定」を使用すると、IPジオロケーションはデフォルトで無効になります。

                                                                          構文

                                                                          ラジオボックスから選択

                                                                          参照

                                                                          ヘッダーにクライアントIPを使用する, DBファイルのパス,

                                                                          diff --git a/dist/docs/ja-JP/LSAPI_Context.html b/dist/docs/ja-JP/LSAPI_Context.html index 386b4eb04..67ff8113c 100644 --- a/dist/docs/ja-JP/LSAPI_Context.html +++ b/dist/docs/ja-JP/LSAPI_Context.html @@ -15,7 +15,7 @@ openlitespeed logo

                                                                          OpenLiteSpeed Web Server ユーザーズマニュアル

                                                                          -
                                                                          Version 1.4  — Rev. 3
                                                                          +
                                                                          Version 1.4  — Rev. 4
                                                                            @@ -93,7 +93,7 @@

                                                                            LiteSpeed SAPIコンテキスト

                                                                            目次

                                                                            必要(許可ユーザー/グループ)

                                                                            説明

                                                                            このコンテキストにアクセスできるユーザー/グループを指定します。 これにより、複数のコンテキストにわたって1つのユーザー/グループデータベース(レルムで指定)を使用できますが、そのデータベースの特定のユーザー/グループのみがこのコンテキストにアクセスできます。

                                                                            構文

                                                                            構文はApache Requireディレクティブと互換性があります。 例えば:

                                                                            • user username [username ...]
                                                                              リストされたユーザーだけがこのコンテキストにアクセスできます。
                                                                            • group groupid [groupid ...]
                                                                              リストされたグループに属するユーザーのみがこのコンテキストにアクセスできます。
                                                                            この設定を指定しないと、すべての有効なユーザーがこのリソースにアクセスできます。

                                                                          アクセス許可

                                                                          説明

                                                                          このコンテキストでリソースにアクセスできるIPまたはサブネットワークを指定します。 アクセス拒否とサーバー/バーチャルホスト・レベルのアクセス制御とともに、アクセシビリティは、クライアントのIPアドレスが入る最小の範囲によって決まります。

                                                                          構文

                                                                          IP/サブネットワークのカンマ区切りリスト。

                                                                          サブネットワークは以下のように書くことができます 192.168.1.0/255.255.255.0, 192.168.1, 又は 192.168.1.*.

                                                                          アクセス拒否

                                                                          説明

                                                                          このコンテキストでリソースにアクセスできないIPまたはサブネットワークを指定します。 アクセス許可とサーバー/バーチャルホストレベルのアクセス制御とともに、アクセシビリティはクライアントのIPアドレスが入る最小の範囲で決まります。

                                                                          構文

                                                                          IP/サブネットワークのカンマ区切りリスト。

                                                                          サブネットワークは以下のように書くことができます 192.168.1.0/255.255.255.0, 192.168.1, 又は 192.168.1.*.
                                                                          -

                                                                          承認者

                                                                          説明

                                                                          権限のある/権限のないかの決定を生成するために使用できる外部アプリケーションを指定します。 現在、FastCGI Authorizerのみが使用可能です。 FastCGI Authorizerの役割の詳細については、http://www.fastcgi.comを参照してください。 。

                                                                          構文

                                                                          ドロップダウンリストから選択

                                                                          +

                                                                          承認者

                                                                          説明

                                                                          権限のある/権限のないかの決定を生成するために使用できる外部アプリケーションを指定します。 現在、FastCGI Authorizerのみが使用可能です。 FastCGI Authorizerの役割の詳細については、 https://fastcgi-archives.github.io/ を参照してください。 。

                                                                          構文

                                                                          ドロップダウンリストから選択

                                                                          デフォルトの文字セットを追加

                                                                          説明

                                                                          コンテンツタイプが "text/html"または "text/plain"のいずれかのパラメータがない場合、文字セットタグを "Content-Type"レスポンスヘッダーに追加するかどうかを指定します。 Offに設定すると、この機能は無効になります。 Onに設定すると、カスタマイズされたデフォルトの文字セットで指定された文字セットまたはデフォルトの "iso-8859-1"のいずれかが追加されます。

                                                                          構文

                                                                          ラジオボックスから選択

                                                                          IPジオロケーションを有効にする

                                                                          説明

                                                                          IPジオロケーション検索を有効/無効にするかどうかを指定します。 サーバ、バーチャルホスト、コンテキストレベルで設定できます。 値 「未設定」を使用すると、IPジオロケーションはデフォルトで無効になります。

                                                                          構文

                                                                          ラジオボックスから選択

                                                                          参照

                                                                          ヘッダーにクライアントIPを使用する, DBファイルのパス,

                                                                          diff --git a/dist/docs/ja-JP/Listeners_General_Help.html b/dist/docs/ja-JP/Listeners_General_Help.html index 219a016e2..df842d152 100644 --- a/dist/docs/ja-JP/Listeners_General_Help.html +++ b/dist/docs/ja-JP/Listeners_General_Help.html @@ -15,7 +15,7 @@ openlitespeed logo

                                                                          OpenLiteSpeed Web Server ユーザーズマニュアル

                                                                          -
                                                                          Version 1.4  — Rev. 3
                                                                          +
                                                                          Version 1.4  — Rev. 4
                                                                            diff --git a/dist/docs/ja-JP/Listeners_SSL_Help.html b/dist/docs/ja-JP/Listeners_SSL_Help.html index ac53e6db0..fe4589c7b 100644 --- a/dist/docs/ja-JP/Listeners_SSL_Help.html +++ b/dist/docs/ja-JP/Listeners_SSL_Help.html @@ -15,7 +15,7 @@ openlitespeed logo

                                                                            OpenLiteSpeed Web Server ユーザーズマニュアル

                                                                            -
                                                                            Version 1.4  — Rev. 3
                                                                            +
                                                                            Version 1.4  — Rev. 4
                                                                              @@ -106,9 +106,9 @@

                                                                              リスナーSSL

                                                                              目次

                                                                              SSL再交渉保護

                                                                              説明

                                                                              SSL再交渉保護を有効にするかどうかを指定します。 SSLハンドシェイクベースの攻撃に対して防御します。 デフォルト値は "Yes"です。

                                                                              構文

                                                                              ラジオボックスから選択

                                                                              ヒント

                                                                              This setting can be enabled at the listener and virtual host levels.

                                                                            セッションキャッシュを有効にする

                                                                            説明

                                                                            セッションIDキャッシングを有効にします。 「未設定」の場合、デフォルトは「いいえ」です。 (Opensslデフォルト)

                                                                            構文

                                                                            ラジオボックスから選択

                                                                            セッションチケットを有効にする

                                                                            説明

                                                                            セッションチケットを有効にします。 「未設定」の場合、サーバーはopenSSLのデフォルトチケットを使用します。

                                                                            構文

                                                                            ラジオボックスから選択

                                                                            -

                                                                            SPDY/HTTP2を有効にする

                                                                            説明

                                                                            HTTP/2とSPDYは、ページロード時間を短縮する目的で、HTTPネットワークプロトコルの新バージョンです。 より多くの情報はhttp://en.wikipedia.org/wiki/HTTP/2で見つけることができます。

                                                                            構文

                                                                            有効にするプロトコルを確認します。 すべてのボックスをチェックしないと、SPDYとHTTP/2のサポート(デフォルト)が有効になります。 SPDYとHTTP/2を無効にする場合は、「なし」のみをチェックし、その他のチェックボックスはすべてオフにします。

                                                                            ヒント

                                                                            This setting can be set at the listener and virtual host levels.

                                                                            +

                                                                            SPDY/HTTP2を有効にする

                                                                            説明

                                                                            HTTP/2とSPDYは、ページロード時間を短縮する目的で、HTTPネットワークプロトコルの新バージョンです。 より多くの情報は http://en.wikipedia.org/wiki/HTTP/2 で見つけることができます。

                                                                            構文

                                                                            有効にするプロトコルを確認します。 すべてのボックスをチェックしないと、SPDYとHTTP/2のサポート(デフォルト)が有効になります。 SPDYとHTTP/2を無効にする場合は、「なし」のみをチェックし、その他のチェックボックスはすべてオフにします。

                                                                            ヒント

                                                                            This setting can be set at the listener and virtual host levels.

                                                                            Open HTTP3/QUIC (UDP) port

                                                                            説明

                                                                            Allows the use of the HTTP3/QUIC network protocol for virtual hosts mapped to this listener. For this setting to take effect, Enable HTTP3/QUIC must also be set to Yes at the server level. Default value is Yes.

                                                                            ヒント

                                                                            When this setting is set to Yes, HTTP3/QUIC can still be disabled at the virtual host level through the Enable HTTP3/QUIC setting.

                                                                            -

                                                                            OCSPステープリング

                                                                            説明

                                                                            オンライン証明書ステータスプロトコル(OCSP)は、デジタル証明書が有効かどうかを確認するより効率的な方法です。 OCSP応答者である他のサーバーと通信して、証明書失効リスト(CRL)をチェックする代わりに証明書が有効であることを確認します。
                                                                            OCSPステープリングは、このプロトコルのさらなる改良であり、証明書が要求されるたびにではなく、定期的な間隔でサーバーがOCSPレスポンダを確認できるようにします。 詳細については、OCSP Wikipediaのページをご覧ください。

                                                                            +

                                                                            OCSPステープリング

                                                                            説明

                                                                            オンライン証明書ステータスプロトコル(OCSP)は、デジタル証明書が有効かどうかを確認するより効率的な方法です。 OCSP応答者である他のサーバーと通信して、証明書失効リスト(CRL)をチェックする代わりに証明書が有効であることを確認します。
                                                                            OCSPステープリングは、このプロトコルのさらなる改良であり、証明書が要求されるたびにではなく、定期的な間隔でサーバーがOCSPレスポンダを確認できるようにします。 詳細については、 OCSP Wikipedia のページをご覧ください。

                                                                            OCSPステープルを有効にする

                                                                            説明

                                                                            OCSPステープルを有効にするかどうかを決定します。これは、公開鍵証明書を検証するより効率的な方法です。

                                                                            構文

                                                                            ラジオボックスから選択

                                                                            OCSPの応答最大年齢(秒)

                                                                            説明

                                                                            このオプションは、OCSP応答の許容可能な最大経過時間を設定します。 OCSP応答がこの最大年齢より古い場合、サーバーはOCSP応答者に新しい応答を要求します。 デフォルト値は86400です。 この値を-1に設定すると、最大年齢を無効にすることができます。

                                                                            構文

                                                                            秒数

                                                                            OCSPレスポンダ

                                                                            説明

                                                                            使用するOCSPレスポンダのURLを指定します。 設定されていない場合、サーバーは認証局の発行者証明書に記載されているOCSPレスポンダに接続を試みます。 一部の発行者証明書には、OCSPレスポンダURLが指定されていない場合があります。

                                                                            構文

                                                                            http://で始まるURL

                                                                            http://rapidssl-ocsp.geotrust.com
                                                                            diff --git a/dist/docs/ja-JP/Module_Context.html b/dist/docs/ja-JP/Module_Context.html index 29a2c1d95..7dd6f4f62 100644 --- a/dist/docs/ja-JP/Module_Context.html +++ b/dist/docs/ja-JP/Module_Context.html @@ -15,7 +15,7 @@ openlitespeed logo

                                                                            OpenLiteSpeed Web Server ユーザーズマニュアル

                                                                            -
                                                                            Version 1.4  — Rev. 3
                                                                            +
                                                                            Version 1.4  — Rev. 4
                                                                              @@ -93,7 +93,7 @@

                                                                              モジュールハンドラコンテキスト

                                                                              目次

                                                                              必要(許可ユーザー/グループ)

                                                                              説明

                                                                              このコンテキストにアクセスできるユーザー/グループを指定します。 これにより、複数のコンテキストにわたって1つのユーザー/グループデータベース(レルムで指定)を使用できますが、そのデータベースの特定のユーザー/グループのみがこのコンテキストにアクセスできます。

                                                                              構文

                                                                              構文はApache Requireディレクティブと互換性があります。 例えば:

                                                                              • user username [username ...]
                                                                                リストされたユーザーだけがこのコンテキストにアクセスできます。
                                                                              • group groupid [groupid ...]
                                                                                リストされたグループに属するユーザーのみがこのコンテキストにアクセスできます。
                                                                              この設定を指定しないと、すべての有効なユーザーがこのリソースにアクセスできます。

                                                                            アクセス許可

                                                                            説明

                                                                            このコンテキストでリソースにアクセスできるIPまたはサブネットワークを指定します。 アクセス拒否とサーバー/バーチャルホスト・レベルのアクセス制御とともに、アクセシビリティは、クライアントのIPアドレスが入る最小の範囲によって決まります。

                                                                            構文

                                                                            IP/サブネットワークのカンマ区切りリスト。

                                                                            サブネットワークは以下のように書くことができます 192.168.1.0/255.255.255.0, 192.168.1, 又は 192.168.1.*.

                                                                            アクセス拒否

                                                                            説明

                                                                            このコンテキストでリソースにアクセスできないIPまたはサブネットワークを指定します。 アクセス許可とサーバー/バーチャルホストレベルのアクセス制御とともに、アクセシビリティはクライアントのIPアドレスが入る最小の範囲で決まります。

                                                                            構文

                                                                            IP/サブネットワークのカンマ区切りリスト。

                                                                            サブネットワークは以下のように書くことができます 192.168.1.0/255.255.255.0, 192.168.1, 又は 192.168.1.*.
                                                                            -

                                                                            承認者

                                                                            説明

                                                                            権限のある/権限のないかの決定を生成するために使用できる外部アプリケーションを指定します。 現在、FastCGI Authorizerのみが使用可能です。 FastCGI Authorizerの役割の詳細については、http://www.fastcgi.comを参照してください。 。

                                                                            構文

                                                                            ドロップダウンリストから選択

                                                                            +

                                                                            承認者

                                                                            説明

                                                                            権限のある/権限のないかの決定を生成するために使用できる外部アプリケーションを指定します。 現在、FastCGI Authorizerのみが使用可能です。 FastCGI Authorizerの役割の詳細については、 https://fastcgi-archives.github.io/ を参照してください。 。

                                                                            構文

                                                                            ドロップダウンリストから選択

                                                                            デフォルトの文字セットを追加

                                                                            説明

                                                                            コンテンツタイプが "text/html"または "text/plain"のいずれかのパラメータがない場合、文字セットタグを "Content-Type"レスポンスヘッダーに追加するかどうかを指定します。 Offに設定すると、この機能は無効になります。 Onに設定すると、カスタマイズされたデフォルトの文字セットで指定された文字セットまたはデフォルトの "iso-8859-1"のいずれかが追加されます。

                                                                            構文

                                                                            ラジオボックスから選択

                                                                            IPジオロケーションを有効にする

                                                                            説明

                                                                            IPジオロケーション検索を有効/無効にするかどうかを指定します。 サーバ、バーチャルホスト、コンテキストレベルで設定できます。 値 「未設定」を使用すると、IPジオロケーションはデフォルトで無効になります。

                                                                            構文

                                                                            ラジオボックスから選択

                                                                            参照

                                                                            ヘッダーにクライアントIPを使用する, DBファイルのパス,

                                                                            diff --git a/dist/docs/ja-JP/Module_Help.html b/dist/docs/ja-JP/Module_Help.html index 925717d12..7f9f16d70 100644 --- a/dist/docs/ja-JP/Module_Help.html +++ b/dist/docs/ja-JP/Module_Help.html @@ -15,7 +15,7 @@ openlitespeed logo

                                                                            OpenLiteSpeed Web Server ユーザーズマニュアル

                                                                            -
                                                                            Version 1.4  — Rev. 3
                                                                            +
                                                                            Version 1.4  — Rev. 4
                                                                              diff --git a/dist/docs/ja-JP/Proxy_Context.html b/dist/docs/ja-JP/Proxy_Context.html index 8609389b2..0aae86145 100644 --- a/dist/docs/ja-JP/Proxy_Context.html +++ b/dist/docs/ja-JP/Proxy_Context.html @@ -15,7 +15,7 @@ openlitespeed logo

                                                                              OpenLiteSpeed Web Server ユーザーズマニュアル

                                                                              -
                                                                              Version 1.4  — Rev. 3
                                                                              +
                                                                              Version 1.4  — Rev. 4
                                                                                @@ -93,7 +93,7 @@

                                                                                プロキシコンテキスト

                                                                                目次

                                                                                必要(許可ユーザー/グループ)

                                                                                説明

                                                                                このコンテキストにアクセスできるユーザー/グループを指定します。 これにより、複数のコンテキストにわたって1つのユーザー/グループデータベース(レルムで指定)を使用できますが、そのデータベースの特定のユーザー/グループのみがこのコンテキストにアクセスできます。

                                                                                構文

                                                                                構文はApache Requireディレクティブと互換性があります。 例えば:

                                                                                • user username [username ...]
                                                                                  リストされたユーザーだけがこのコンテキストにアクセスできます。
                                                                                • group groupid [groupid ...]
                                                                                  リストされたグループに属するユーザーのみがこのコンテキストにアクセスできます。
                                                                                この設定を指定しないと、すべての有効なユーザーがこのリソースにアクセスできます。

                                                                              アクセス許可

                                                                              説明

                                                                              このコンテキストでリソースにアクセスできるIPまたはサブネットワークを指定します。 アクセス拒否とサーバー/バーチャルホスト・レベルのアクセス制御とともに、アクセシビリティは、クライアントのIPアドレスが入る最小の範囲によって決まります。

                                                                              構文

                                                                              IP/サブネットワークのカンマ区切りリスト。

                                                                              サブネットワークは以下のように書くことができます 192.168.1.0/255.255.255.0, 192.168.1, 又は 192.168.1.*.

                                                                              アクセス拒否

                                                                              説明

                                                                              このコンテキストでリソースにアクセスできないIPまたはサブネットワークを指定します。 アクセス許可とサーバー/バーチャルホストレベルのアクセス制御とともに、アクセシビリティはクライアントのIPアドレスが入る最小の範囲で決まります。

                                                                              構文

                                                                              IP/サブネットワークのカンマ区切りリスト。

                                                                              サブネットワークは以下のように書くことができます 192.168.1.0/255.255.255.0, 192.168.1, 又は 192.168.1.*.
                                                                              -

                                                                              承認者

                                                                              説明

                                                                              権限のある/権限のないかの決定を生成するために使用できる外部アプリケーションを指定します。 現在、FastCGI Authorizerのみが使用可能です。 FastCGI Authorizerの役割の詳細については、http://www.fastcgi.comを参照してください。 。

                                                                              構文

                                                                              ドロップダウンリストから選択

                                                                              +

                                                                              承認者

                                                                              説明

                                                                              権限のある/権限のないかの決定を生成するために使用できる外部アプリケーションを指定します。 現在、FastCGI Authorizerのみが使用可能です。 FastCGI Authorizerの役割の詳細については、 https://fastcgi-archives.github.io/ を参照してください。 。

                                                                              構文

                                                                              ドロップダウンリストから選択

                                                                              デフォルトの文字セットを追加

                                                                              説明

                                                                              コンテンツタイプが "text/html"または "text/plain"のいずれかのパラメータがない場合、文字セットタグを "Content-Type"レスポンスヘッダーに追加するかどうかを指定します。 Offに設定すると、この機能は無効になります。 Onに設定すると、カスタマイズされたデフォルトの文字セットで指定された文字セットまたはデフォルトの "iso-8859-1"のいずれかが追加されます。

                                                                              構文

                                                                              ラジオボックスから選択

                                                                              IPジオロケーションを有効にする

                                                                              説明

                                                                              IPジオロケーション検索を有効/無効にするかどうかを指定します。 サーバ、バーチャルホスト、コンテキストレベルで設定できます。 値 「未設定」を使用すると、IPジオロケーションはデフォルトで無効になります。

                                                                              構文

                                                                              ラジオボックスから選択

                                                                              参照

                                                                              ヘッダーにクライアントIPを使用する, DBファイルのパス,

                                                                              diff --git a/dist/docs/ja-JP/Redirect_Context.html b/dist/docs/ja-JP/Redirect_Context.html index 900e1d958..e3a46b028 100644 --- a/dist/docs/ja-JP/Redirect_Context.html +++ b/dist/docs/ja-JP/Redirect_Context.html @@ -15,7 +15,7 @@ openlitespeed logo

                                                                              OpenLiteSpeed Web Server ユーザーズマニュアル

                                                                              -
                                                                              Version 1.4  — Rev. 3
                                                                              +
                                                                              Version 1.4  — Rev. 4
                                                                                @@ -95,7 +95,7 @@

                                                                                リダイレクトコンテキスト

                                                                                目次

                                                                                必要(許可ユーザー/グループ)

                                                                                説明

                                                                                このコンテキストにアクセスできるユーザー/グループを指定します。 これにより、複数のコンテキストにわたって1つのユーザー/グループデータベース(レルムで指定)を使用できますが、そのデータベースの特定のユーザー/グループのみがこのコンテキストにアクセスできます。

                                                                                構文

                                                                                構文はApache Requireディレクティブと互換性があります。 例えば:

                                                                                • user username [username ...]
                                                                                  リストされたユーザーだけがこのコンテキストにアクセスできます。
                                                                                • group groupid [groupid ...]
                                                                                  リストされたグループに属するユーザーのみがこのコンテキストにアクセスできます。
                                                                                この設定を指定しないと、すべての有効なユーザーがこのリソースにアクセスできます。

                                                                              アクセス許可

                                                                              説明

                                                                              このコンテキストでリソースにアクセスできるIPまたはサブネットワークを指定します。 アクセス拒否とサーバー/バーチャルホスト・レベルのアクセス制御とともに、アクセシビリティは、クライアントのIPアドレスが入る最小の範囲によって決まります。

                                                                              構文

                                                                              IP/サブネットワークのカンマ区切りリスト。

                                                                              サブネットワークは以下のように書くことができます 192.168.1.0/255.255.255.0, 192.168.1, 又は 192.168.1.*.

                                                                              アクセス拒否

                                                                              説明

                                                                              このコンテキストでリソースにアクセスできないIPまたはサブネットワークを指定します。 アクセス許可とサーバー/バーチャルホストレベルのアクセス制御とともに、アクセシビリティはクライアントのIPアドレスが入る最小の範囲で決まります。

                                                                              構文

                                                                              IP/サブネットワークのカンマ区切りリスト。

                                                                              サブネットワークは以下のように書くことができます 192.168.1.0/255.255.255.0, 192.168.1, 又は 192.168.1.*.
                                                                              -

                                                                              承認者

                                                                              説明

                                                                              権限のある/権限のないかの決定を生成するために使用できる外部アプリケーションを指定します。 現在、FastCGI Authorizerのみが使用可能です。 FastCGI Authorizerの役割の詳細については、http://www.fastcgi.comを参照してください。 。

                                                                              構文

                                                                              ドロップダウンリストから選択

                                                                              +

                                                                              承認者

                                                                              説明

                                                                              権限のある/権限のないかの決定を生成するために使用できる外部アプリケーションを指定します。 現在、FastCGI Authorizerのみが使用可能です。 FastCGI Authorizerの役割の詳細については、 https://fastcgi-archives.github.io/ を参照してください。 。

                                                                              構文

                                                                              ドロップダウンリストから選択

                                                                        diff --git a/dist/docs/ja-JP/Rewrite_Help.html b/dist/docs/ja-JP/Rewrite_Help.html index d2a6b8a10..18daa7073 100644 --- a/dist/docs/ja-JP/Rewrite_Help.html +++ b/dist/docs/ja-JP/Rewrite_Help.html @@ -15,7 +15,7 @@ openlitespeed logo

                                                                        OpenLiteSpeed Web Server ユーザーズマニュアル

                                                                        -
                                                                        Version 1.4  — Rev. 3
                                                                        +
                                                                        Version 1.4  — Rev. 4
                                                                          diff --git a/dist/docs/ja-JP/ScriptHandler_Help.html b/dist/docs/ja-JP/ScriptHandler_Help.html index 9da2394b0..895c2e093 100644 --- a/dist/docs/ja-JP/ScriptHandler_Help.html +++ b/dist/docs/ja-JP/ScriptHandler_Help.html @@ -15,7 +15,7 @@ openlitespeed logo

                                                                          OpenLiteSpeed Web Server ユーザーズマニュアル

                                                                          -
                                                                          Version 1.4  — Rev. 3
                                                                          +
                                                                          Version 1.4  — Rev. 4
                                                                            diff --git a/dist/docs/ja-JP/ServGeneral_Help.html b/dist/docs/ja-JP/ServGeneral_Help.html index 6f95ab088..8bf208c73 100644 --- a/dist/docs/ja-JP/ServGeneral_Help.html +++ b/dist/docs/ja-JP/ServGeneral_Help.html @@ -15,7 +15,7 @@ openlitespeed logo

                                                                            OpenLiteSpeed Web Server ユーザーズマニュアル

                                                                            -
                                                                            Version 1.4  — Rev. 3
                                                                            +
                                                                            Version 1.4  — Rev. 4
                                                                              @@ -107,7 +107,7 @@

                                                                              目次

                                                                              実行ユーザ・グループ

                                                                              説明

                                                                              サーバープロセスが実行されるユーザー/グループを指定します。 これは、インストールの前にconfigureコマンドを実行するときに、 "--with-user"と "--with-group"というパラメータを使用して設定されます。これらの値をリセットするには、configureコマンドを再実行して再インストールする必要があります。

                                                                              適用

                                                                              再インストールが必要です。

                                                                              ヒント

                                                                              [セキュリティ]サーバは、 "root"のような特権ユーザーとして実行しないでください。 サーバーが、ログイン/シェルアクセスを持たない特権のないユーザー/グループの組み合わせで実行するように構成されていることが重要です。 一般的にnobodyのユーザー/グループが良い選択です。

                                                                              プライオリティ

                                                                              説明

                                                                              サーバープロセスの優先度を指定します。値の範囲は-2020です。 数値が小さいほど優先度が高くなります。

                                                                              構文

                                                                              整数

                                                                              ヒント

                                                                              [パフォーマンス]通常、ビジー状態のサーバーで優先度を高くすると、Webパフォーマンスが若干高くなります。 データベースプロセスの優先度よりも高い優先度を設定しないでください。

                                                                              参照

                                                                              External App 優先度, CGI プライオリティ

                                                                              CPU Affinity

                                                                              説明

                                                                              CPU affinity binds a process to one or more CPUs (cores). It is beneficial for a process to always use the same CPU because then the process can make use of data left in CPU cache. If the process moves to a different CPU, there is no use of CPU cache and unnecessary overhead is required.

                                                                              The CPU Affinity setting controls how many CPUs (cores) one server process will be associated with. The minimum value is 0, which will disable this feature. The maximum value is the number of cores the server has. Generally, 1 is the best setting because because it creates the strictest use of CPU affinity and thus makes the most use of CPU cache.

                                                                              Default value: 0

                                                                              構文

                                                                              Integer value from 0 to 64. (0 will disable this feature)

                                                                              適用

                                                                              再インストールが必要です。

                                                                              -

                                                                              Cloud-Linux

                                                                              説明

                                                                              CloudLinuxの軽量バーチャル環境(LVE)が存在する場合に有効にするかどうかを指定します。 LiteSpeedをLVEと共に使用すると、より良いリソース管理を実現できます。 詳細については、http://www.cloudlinux.comを参照してください。

                                                                              構文

                                                                              選択

                                                                              +

                                                                              Cloud-Linux

                                                                              説明

                                                                              CloudLinuxの軽量バーチャル環境(LVE)が存在する場合に有効にするかどうかを指定します。 LiteSpeedをLVEと共に使用すると、より良いリソース管理を実現できます。 詳細については、http://www.cloudlinux.comを参照してください。

                                                                              構文

                                                                              選択

                                                                              最大I/Oバッファサイズ

                                                                              説明

                                                                              要求本体およびその動的生成応答を格納するために使用される最大バッファー・サイズを指定します。 この制限に達すると、サーバーはスワップディレクトリの下に一時的なスワップファイルを作成し始めます。

                                                                              構文

                                                                              整数

                                                                              ヒント

                                                                              [パフォーマンス]メモリとディスクのスワップを避けるために、すべての同時要求/応答を収容できる大きさのバッファサイズを設定します。 スワップ・ダイレクトイに頻繁にI/Oアクティビティがある場合(デフォルトでは/tmp/lshttpd/swap/)、このバッファ・サイズは低すぎるため、LiteSpeedはディスクにスワップします。

                                                                              参照

                                                                              スワップディレクトリ

                                                                              スワップディレクトリ

                                                                              説明

                                                                              スワップファイルを配置するディレクトリを指定します。 サーバがchrootモードで起動されると、このディレクトリは新しいルートディレクトリに相対的です。それ以外の場合は、実際のルートディレクトリに相対的です。
                                                                              サーバーは、独自のバーチャルメモリーを使用してシステムのメモリー使用量を削減します。 バーチャルメモリとディスクスワッピングは、大きな要求本体と動的に生成された応答を格納するために使用されます。 スワッピングディレクトリは、十分なスペースを持つディスク上に配置する必要があります。

                                                                              構文

                                                                              絶対パス。

                                                                              ヒント

                                                                              [パフォーマンス]スワッピングディレクトリを別のディスクに配置するか、最大I/Oバッファサイズを増やしてスワッピングを排除します。

                                                                              参照

                                                                              最大I/Oバッファサイズ

                                                                              自動修正 503 エラー

                                                                              説明

                                                                              「503 Service Unavailable」エラーを修正するかどうかを指定します。 サーバーを正常に再起動します。 通常、「503」エラーは外部アプリケーションが誤動作したために発生し、Webサーバーを再起動するとエラーが一時的に修正されることがあります。 有効にすると、30秒間に50件以上の「503」エラーが発生すると、サーバーは自動的に再起動します。 この機能はデフォルトで有効になっています。

                                                                              構文

                                                                              ラジオボックスから選択

                                                                              diff --git a/dist/docs/ja-JP/ServLog_Help.html b/dist/docs/ja-JP/ServLog_Help.html index ecac442ad..b17952e69 100644 --- a/dist/docs/ja-JP/ServLog_Help.html +++ b/dist/docs/ja-JP/ServLog_Help.html @@ -15,7 +15,7 @@ openlitespeed logo

                                                                              OpenLiteSpeed Web Server ユーザーズマニュアル

                                                                              -
                                                                              Version 1.4  — Rev. 3
                                                                              +
                                                                              Version 1.4  — Rev. 4
                                                                                diff --git a/dist/docs/ja-JP/ServSecurity_Help.html b/dist/docs/ja-JP/ServSecurity_Help.html index d895fb7f4..cc75c0d7a 100644 --- a/dist/docs/ja-JP/ServSecurity_Help.html +++ b/dist/docs/ja-JP/ServSecurity_Help.html @@ -15,7 +15,7 @@ openlitespeed logo

                                                                                OpenLiteSpeed Web Server ユーザーズマニュアル

                                                                                -
                                                                                Version 1.4  — Rev. 3
                                                                                +
                                                                                Version 1.4  — Rev. 4
                                                                                  @@ -138,8 +138,8 @@

                                                                                  サーバーのセキュリティ

                                                                                  目次

                                                                                  Bot White List

                                                                                  説明

                                                                                  List of custom user agents to allow access. Will be subject to the ‘good bots’ limitations, including allowedRobotHits.

                                                                                  構文

                                                                                  List of user agents, one per line. Regex is supported.

                                                                                Connection Limit

                                                                                説明

                                                                                The number of concurrent connections (SSL & non-SSL) needed to activate reCAPTCHA. reCAPTCHA will be used until concurrent connections drop below this number.

                                                                                Default value is 15000.

                                                                                構文

                                                                                整数

                                                                                SSL Connection Limit

                                                                                説明

                                                                                The number of concurrent SSL connections needed to activate reCAPTCHA. reCAPTCHA will be used until concurrent connections drop below this number.

                                                                                Default value is 10000.

                                                                                構文

                                                                                整数

                                                                                -

                                                                                Bubblewrap Container

                                                                                説明

                                                                                Set to On if you wish to start CGI processes (including PHP programs) in a bubblewrap sandbox. See https://wiki.archlinux.org/index.php/Bubblewrap for details on using bubblewrap. Bubblewrap must be installed on your system prior to using this setting.

                                                                                This setting cannot be turned on at the Virtual Host level if set to "Disabled" at the Server level.

                                                                                Default values:
                                                                                Server level: Disabled
                                                                                VH level: Inherit Server level setting

                                                                                構文

                                                                                ドロップダウンリストから選択

                                                                                -

                                                                                Bubblewrap Command

                                                                                説明

                                                                                The full bubblewrap use command, including the bubblewrap program itself. More on configuring this command can be found here: https://openlitespeed.org/kb/bubblewrap-in-openlitespeed/ . If not specified, the default command listed below will be used.

                                                                                Default value: /bin/bwrap --ro-bind /usr /usr --ro-bind /lib /lib --ro-bind-try /lib64 /lib64 --ro-bind /bin /bin --ro-bind /sbin /sbin --dir /var --dir /tmp --proc /proc --symlink ../tmp var/tmp --dev /dev --ro-bind-try /etc/localtime /etc/localtime --ro-bind-try /etc/ld.so.cache /etc/ld.so.cache --ro-bind-try /etc/resolv.conf /etc/resolv.conf --ro-bind-try /etc/ssl /etc/ssl --ro-bind-try /etc/pki /etc/pki --ro-bind-try /etc/man_db.conf /etc/man_db.conf --ro-bind-try /home/$USER /home/$USER --bind-try /var/lib/mysql/mysql.sock /var/lib/mysql/mysql.sock --bind-try /home/mysql/mysql.sock /home/mysql/mysql.sock --bind-try /tmp/mysql.sock /tmp/mysql.sock --unshare-all --share-net --die-with-parent --dir /run/user/$UID ‘$PASSWD 65534’ ‘$GROUP 65534’

                                                                                +

                                                                                Bubblewrap Container

                                                                                説明

                                                                                Set to On if you wish to start CGI processes (including PHP programs) in a bubblewrap sandbox. See https://wiki.archlinux.org/title/Bubblewrap for details on using bubblewrap. Bubblewrap must be installed on your system prior to using this setting.

                                                                                This setting cannot be turned on at the Virtual Host level if set to "Disabled" at the Server level.

                                                                                Default values:
                                                                                Server level: Disabled
                                                                                VH level: Inherit Server level setting

                                                                                構文

                                                                                ドロップダウンリストから選択

                                                                                +

                                                                                Bubblewrap Command

                                                                                説明

                                                                                The full bubblewrap use command, including the bubblewrap program itself. More on configuring this command can be found here: https://openlitespeed.org/kb/bubblewrap-in-openlitespeed/ . If not specified, the default command listed below will be used.

                                                                                Default value: /bin/bwrap --ro-bind /usr /usr --ro-bind /lib /lib --ro-bind-try /lib64 /lib64 --ro-bind /bin /bin --ro-bind /sbin /sbin --dir /var --dir /tmp --proc /proc --symlink ../tmp var/tmp --dev /dev --ro-bind-try /etc/localtime /etc/localtime --ro-bind-try /etc/ld.so.cache /etc/ld.so.cache --ro-bind-try /etc/resolv.conf /etc/resolv.conf --ro-bind-try /etc/ssl /etc/ssl --ro-bind-try /etc/pki /etc/pki --ro-bind-try /etc/man_db.conf /etc/man_db.conf --ro-bind-try /home/$USER /home/$USER --bind-try /var/lib/mysql/mysql.sock /var/lib/mysql/mysql.sock --bind-try /home/mysql/mysql.sock /home/mysql/mysql.sock --bind-try /tmp/mysql.sock /tmp/mysql.sock --unshare-all --share-net --die-with-parent --dir /run/user/$UID ‘$PASSWD 65534’ ‘$GROUP 65534’

                                                                                アクセスが拒否されたディレクトリ

                                                                                説明

                                                                                アクセスをブロックするディレクトリを指定します。 重要なデータを含むディレクトリをこのリストに追加して、誤って機密ファイルをクライアントに公開しないようにします。 すべてのサブディレクトリを含めるためにパスに「*」を追加します。 シンボリックリンクに従うシンボリックリンクを確認するの両方を有効にすると、拒否されたディレクトリに対してシンボリックリンクがチェックされます。

                                                                                構文

                                                                                ディレクトリのカンマ区切りリスト

                                                                                ヒント

                                                                                [セキュリティ]重要な点:この設定では、これらのディレクトリから静的ファイルを提供することができません。 これは、PHP/Ruby/CGIなどの外部スクリプトによるエクスポージャーを防ぐものではありません。

                                                                                アクセス制御

                                                                                説明

                                                                                どのサブネットワークおよび/またはIPアドレスがサーバーにアクセスできるかを指定します。 サーバレベルでは、この設定はすべてのバーチャルホストに影響します。 バーチャルホストレベルで各バーチャルホストに固有のアクセス制御を設定することもできます。 バーチャルホストレベルの設定はサーバーレベルの設定を上書きしません。

                                                                                ブロック/ IPの許可は、許可リストと拒否リストの組み合わせによって決まります。 特定のIPまたはサブネットワークのみをブロックする場合は、許可リスト*またはALLを入れ、ブロックされたIPまたはサブネットワークを拒否リスト
                                                                                特定のIPまたはサブネットワークのみを許可する場合は、拒否リスト*またはALLを入れ、許可されたIPまたはサブネットワークを許可リスト
                                                                                IPに適合する最小スコープの設定は、アクセスを決定するために使用されます。

                                                                                サーバーレベル:信頼できるIPまたはサブネットワークは、許可リストに、末尾の "T"を追加することで指定する必要があります。 信頼できるIPまたはサブネットワークは、接続/スロットリング制限の影響を受けません。 信頼できるIP/サブネットワークは、サーバーレベルのアクセス制御でのみ設定できます。

                                                                                ヒント

                                                                                [セキュリティ]すべてのバーチャルホストに適用される一般的な制限については、サーバーレベルでこれを使用してください。

                                                                                許可リスト

                                                                                説明

                                                                                許可されるIPまたはサブネットワークのリストを指定します。 *またはALLが受け入れられます。

                                                                                構文

                                                                                IPアドレスまたはサブネットワークのカンマ区切りリスト。 末尾の「T」は、192.168.1.*Tなどの信頼できるIPまたはサブネットワークを示すために使用できます。

                                                                                Sub-networks: 192.168.1.0/255.255.255.0, 192.168.1.0/24, 192.168.1, or 192.168.1.*
                                                                                IPv6 addresses: ::1 or [::1]
                                                                                IPv6 subnets: 3ffe:302:11:2:20f:1fff:fe29:717c/64 or [3ffe:302:11:2:20f:1fff:fe29:717c]/64

                                                                                ヒント

                                                                                [セキュリティ]サーバーレベルのアクセス制御で設定された信頼されたIPまたはサブネットワークは、接続/スロットリングの制限から除外されます。

                                                                                diff --git a/dist/docs/ja-JP/ServTuning_Help.html b/dist/docs/ja-JP/ServTuning_Help.html index a94f85c88..10f9e1d0e 100644 --- a/dist/docs/ja-JP/ServTuning_Help.html +++ b/dist/docs/ja-JP/ServTuning_Help.html @@ -15,7 +15,7 @@ openlitespeed logo

                                                                                OpenLiteSpeed Web Server ユーザーズマニュアル

                                                                                -
                                                                                Version 1.4  — Rev. 3
                                                                                +
                                                                                Version 1.4  — Rev. 4
                                                                                  @@ -146,7 +146,7 @@

                                                                                  サーバーのチューニング

                                                                                  目次

                                                                                  Max Concurrent Streams Per Connection

                                                                                  説明

                                                                                  The maximum number of concurrent streams allowed per QUIC connection. Default value is 100.

                                                                                  構文

                                                                                  Integer number between 10 and 1000

                                                                                Handshake Timeout

                                                                                説明

                                                                                The time in seconds a new QUIC connection is given to complete its handshake, after which the connection is aborted. Default value is 10.

                                                                                構文

                                                                                Integer number between 1 and 15

                                                                                Idle Timeout

                                                                                説明

                                                                                The time in seconds after which an idle QUIC connection will be closed. Default value is 30.

                                                                                構文

                                                                                Integer number between 10 and 30

                                                                                -

                                                                                Enable DPLPMTUD

                                                                                説明

                                                                                Enable Datagram Packetization Layer Path Maximum Transmission Unit Discovery (DPLPMTUD).

                                                                                Background on DPLPMTUD (RFC 8899)

                                                                                Default value: Yes

                                                                                構文

                                                                                ラジオボックスから選択

                                                                                +

                                                                                Enable DPLPMTUD

                                                                                説明

                                                                                Enable Datagram Packetization Layer Path Maximum Transmission Unit Discovery (DPLPMTUD).

                                                                                Background on DPLPMTUD (RFC 8899)

                                                                                Default value: Yes

                                                                                構文

                                                                                ラジオボックスから選択

                                                                                PLPMTU Base Value

                                                                                説明

                                                                                The maximum value of PLPMTU (maximum packet size without headers) in bytes that QUIC will use by default. Setting this to 0 will allow QUIC to pick the size.

                                                                                This setting should be set lower than PLPMTU Max Value.

                                                                                Default value: 0

                                                                                構文

                                                                                0 or integer number between 1200 and 65527

                                                                                PLPMTU Max Value

                                                                                説明

                                                                                The PLPMTU (maximum packet size without headers) probe upper limit in bytes. This setting is used to limit the "maximum packet size" in the DPLPMTUD search space. Setting this to 0 will allow QUIC to pick the size (By default LSQUIC assumes that MTU is 1,500 bytes (Ethernet)).

                                                                                This setting should be set higher than PLPMTU Base Value.
                                                                                Default value: 0

                                                                                構文

                                                                                0 or integer number between 1200 and 65527

                                                                              diff --git a/dist/docs/ja-JP/ServerStat_Help.html b/dist/docs/ja-JP/ServerStat_Help.html index 93bdb4cfb..444f486e5 100644 --- a/dist/docs/ja-JP/ServerStat_Help.html +++ b/dist/docs/ja-JP/ServerStat_Help.html @@ -15,7 +15,7 @@ openlitespeed logo

                                                                              OpenLiteSpeed Web Server ユーザーズマニュアル

                                                                              -
                                                                              Version 1.4  — Rev. 3
                                                                              +
                                                                              Version 1.4  — Rev. 4
                                                                                diff --git a/dist/docs/ja-JP/Servlet_Context.html b/dist/docs/ja-JP/Servlet_Context.html index 294795534..54638ee78 100644 --- a/dist/docs/ja-JP/Servlet_Context.html +++ b/dist/docs/ja-JP/Servlet_Context.html @@ -15,7 +15,7 @@ openlitespeed logo

                                                                                OpenLiteSpeed Web Server ユーザーズマニュアル

                                                                                -
                                                                                Version 1.4  — Rev. 3
                                                                                +
                                                                                Version 1.4  — Rev. 4
                                                                                  @@ -93,7 +93,7 @@

                                                                                  サーブレットコンテキスト

                                                                                  目次

                                                                                  必要(許可ユーザー/グループ)

                                                                                  説明

                                                                                  このコンテキストにアクセスできるユーザー/グループを指定します。 これにより、複数のコンテキストにわたって1つのユーザー/グループデータベース(レルムで指定)を使用できますが、そのデータベースの特定のユーザー/グループのみがこのコンテキストにアクセスできます。

                                                                                  構文

                                                                                  構文はApache Requireディレクティブと互換性があります。 例えば:

                                                                                  • user username [username ...]
                                                                                    リストされたユーザーだけがこのコンテキストにアクセスできます。
                                                                                  • group groupid [groupid ...]
                                                                                    リストされたグループに属するユーザーのみがこのコンテキストにアクセスできます。
                                                                                  この設定を指定しないと、すべての有効なユーザーがこのリソースにアクセスできます。

                                                                                アクセス許可

                                                                                説明

                                                                                このコンテキストでリソースにアクセスできるIPまたはサブネットワークを指定します。 アクセス拒否とサーバー/バーチャルホスト・レベルのアクセス制御とともに、アクセシビリティは、クライアントのIPアドレスが入る最小の範囲によって決まります。

                                                                                構文

                                                                                IP/サブネットワークのカンマ区切りリスト。

                                                                                サブネットワークは以下のように書くことができます 192.168.1.0/255.255.255.0, 192.168.1, 又は 192.168.1.*.

                                                                                アクセス拒否

                                                                                説明

                                                                                このコンテキストでリソースにアクセスできないIPまたはサブネットワークを指定します。 アクセス許可とサーバー/バーチャルホストレベルのアクセス制御とともに、アクセシビリティはクライアントのIPアドレスが入る最小の範囲で決まります。

                                                                                構文

                                                                                IP/サブネットワークのカンマ区切りリスト。

                                                                                サブネットワークは以下のように書くことができます 192.168.1.0/255.255.255.0, 192.168.1, 又は 192.168.1.*.
                                                                                -

                                                                                承認者

                                                                                説明

                                                                                権限のある/権限のないかの決定を生成するために使用できる外部アプリケーションを指定します。 現在、FastCGI Authorizerのみが使用可能です。 FastCGI Authorizerの役割の詳細については、http://www.fastcgi.comを参照してください。 。

                                                                                構文

                                                                                ドロップダウンリストから選択

                                                                                +

                                                                                承認者

                                                                                説明

                                                                                権限のある/権限のないかの決定を生成するために使用できる外部アプリケーションを指定します。 現在、FastCGI Authorizerのみが使用可能です。 FastCGI Authorizerの役割の詳細については、 https://fastcgi-archives.github.io/ を参照してください。 。

                                                                                構文

                                                                                ドロップダウンリストから選択

                                                                                デフォルトの文字セットを追加

                                                                                説明

                                                                                コンテンツタイプが "text/html"または "text/plain"のいずれかのパラメータがない場合、文字セットタグを "Content-Type"レスポンスヘッダーに追加するかどうかを指定します。 Offに設定すると、この機能は無効になります。 Onに設定すると、カスタマイズされたデフォルトの文字セットで指定された文字セットまたはデフォルトの "iso-8859-1"のいずれかが追加されます。

                                                                                構文

                                                                                ラジオボックスから選択

                                                                                IPジオロケーションを有効にする

                                                                                説明

                                                                                IPジオロケーション検索を有効/無効にするかどうかを指定します。 サーバ、バーチャルホスト、コンテキストレベルで設定できます。 値 「未設定」を使用すると、IPジオロケーションはデフォルトで無効になります。

                                                                                構文

                                                                                ラジオボックスから選択

                                                                                参照

                                                                                ヘッダーにクライアントIPを使用する, DBファイルのパス,

                                                                                diff --git a/dist/docs/ja-JP/Static_Context.html b/dist/docs/ja-JP/Static_Context.html index f031805c9..155cc7e55 100644 --- a/dist/docs/ja-JP/Static_Context.html +++ b/dist/docs/ja-JP/Static_Context.html @@ -15,7 +15,7 @@ openlitespeed logo

                                                                                OpenLiteSpeed Web Server ユーザーズマニュアル

                                                                                -
                                                                                Version 1.4  — Rev. 3
                                                                                +
                                                                                Version 1.4  — Rev. 4
                                                                                  @@ -102,7 +102,7 @@

                                                                                  静的コンテキスト

                                                                                  目次

                                                                                  必要(許可ユーザー/グループ)

                                                                                  説明

                                                                                  このコンテキストにアクセスできるユーザー/グループを指定します。 これにより、複数のコンテキストにわたって1つのユーザー/グループデータベース(レルムで指定)を使用できますが、そのデータベースの特定のユーザー/グループのみがこのコンテキストにアクセスできます。

                                                                                  構文

                                                                                  構文はApache Requireディレクティブと互換性があります。 例えば:

                                                                                  • user username [username ...]
                                                                                    リストされたユーザーだけがこのコンテキストにアクセスできます。
                                                                                  • group groupid [groupid ...]
                                                                                    リストされたグループに属するユーザーのみがこのコンテキストにアクセスできます。
                                                                                  この設定を指定しないと、すべての有効なユーザーがこのリソースにアクセスできます。

                                                                                アクセス許可

                                                                                説明

                                                                                このコンテキストでリソースにアクセスできるIPまたはサブネットワークを指定します。 アクセス拒否とサーバー/バーチャルホスト・レベルのアクセス制御とともに、アクセシビリティは、クライアントのIPアドレスが入る最小の範囲によって決まります。

                                                                                構文

                                                                                IP/サブネットワークのカンマ区切りリスト。

                                                                                サブネットワークは以下のように書くことができます 192.168.1.0/255.255.255.0, 192.168.1, 又は 192.168.1.*.

                                                                                アクセス拒否

                                                                                説明

                                                                                このコンテキストでリソースにアクセスできないIPまたはサブネットワークを指定します。 アクセス許可とサーバー/バーチャルホストレベルのアクセス制御とともに、アクセシビリティはクライアントのIPアドレスが入る最小の範囲で決まります。

                                                                                構文

                                                                                IP/サブネットワークのカンマ区切りリスト。

                                                                                サブネットワークは以下のように書くことができます 192.168.1.0/255.255.255.0, 192.168.1, 又は 192.168.1.*.
                                                                                -

                                                                                承認者

                                                                                説明

                                                                                権限のある/権限のないかの決定を生成するために使用できる外部アプリケーションを指定します。 現在、FastCGI Authorizerのみが使用可能です。 FastCGI Authorizerの役割の詳細については、http://www.fastcgi.comを参照してください。 。

                                                                                構文

                                                                                ドロップダウンリストから選択

                                                                                +

                                                                                承認者

                                                                                説明

                                                                                権限のある/権限のないかの決定を生成するために使用できる外部アプリケーションを指定します。 現在、FastCGI Authorizerのみが使用可能です。 FastCGI Authorizerの役割の詳細については、 https://fastcgi-archives.github.io/ を参照してください。 。

                                                                                構文

                                                                                ドロップダウンリストから選択

                                                                                デフォルトの文字セットを追加

                                                                                説明

                                                                                コンテンツタイプが "text/html"または "text/plain"のいずれかのパラメータがない場合、文字セットタグを "Content-Type"レスポンスヘッダーに追加するかどうかを指定します。 Offに設定すると、この機能は無効になります。 Onに設定すると、カスタマイズされたデフォルトの文字セットで指定された文字セットまたはデフォルトの "iso-8859-1"のいずれかが追加されます。

                                                                                構文

                                                                                ラジオボックスから選択

                                                                                Rewriteを有効にする

                                                                                説明

                                                                                LiteSpeedのURL書き換えエンジンを有効にするかどうかを指定します。 このオプションは、バーチャルホストまたはコンテキストレベルでカスタマイズでき、明示的に上書きされるまでディレクトリツリーに沿って継承されます。

                                                                                構文

                                                                                ラジオボックスから選択

                                                                                diff --git a/dist/docs/ja-JP/Templates_Help.html b/dist/docs/ja-JP/Templates_Help.html index 8f2d55749..00836d57b 100644 --- a/dist/docs/ja-JP/Templates_Help.html +++ b/dist/docs/ja-JP/Templates_Help.html @@ -15,7 +15,7 @@ openlitespeed logo

                                                                                OpenLiteSpeed Web Server ユーザーズマニュアル

                                                                                -
                                                                                Version 1.4  — Rev. 3
                                                                                +
                                                                                Version 1.4  — Rev. 4
                                                                                  diff --git a/dist/docs/ja-JP/VHGeneral_Help.html b/dist/docs/ja-JP/VHGeneral_Help.html index ca5a1d5a0..4876a19ea 100644 --- a/dist/docs/ja-JP/VHGeneral_Help.html +++ b/dist/docs/ja-JP/VHGeneral_Help.html @@ -15,7 +15,7 @@ openlitespeed logo

                                                                                  OpenLiteSpeed Web Server ユーザーズマニュアル

                                                                                  -
                                                                                  Version 1.4  — Rev. 3
                                                                                  +
                                                                                  Version 1.4  — Rev. 4
                                                                                    diff --git a/dist/docs/ja-JP/VHSSL_Help.html b/dist/docs/ja-JP/VHSSL_Help.html index af13b86b7..25975d5a1 100644 --- a/dist/docs/ja-JP/VHSSL_Help.html +++ b/dist/docs/ja-JP/VHSSL_Help.html @@ -15,7 +15,7 @@ openlitespeed logo

                                                                                    OpenLiteSpeed Web Server ユーザーズマニュアル

                                                                                    -
                                                                                    Version 1.4  — Rev. 3
                                                                                    +
                                                                                    Version 1.4  — Rev. 4
                                                                                      @@ -106,9 +106,9 @@

                                                                                      Virtual Host SSL

                                                                                      目次

                                                                                      SSL再交渉保護

                                                                                      説明

                                                                                      SSL再交渉保護を有効にするかどうかを指定します。 SSLハンドシェイクベースの攻撃に対して防御します。 デフォルト値は "Yes"です。

                                                                                      構文

                                                                                      ラジオボックスから選択

                                                                                      ヒント

                                                                                      This setting can be enabled at the listener and virtual host levels.

                                                                                    セッションキャッシュを有効にする

                                                                                    説明

                                                                                    セッションIDキャッシングを有効にします。 「未設定」の場合、デフォルトは「いいえ」です。 (Opensslデフォルト)

                                                                                    構文

                                                                                    ラジオボックスから選択

                                                                                    セッションチケットを有効にする

                                                                                    説明

                                                                                    セッションチケットを有効にします。 「未設定」の場合、サーバーはopenSSLのデフォルトチケットを使用します。

                                                                                    構文

                                                                                    ラジオボックスから選択

                                                                                    -

                                                                                    SPDY/HTTP2を有効にする

                                                                                    説明

                                                                                    HTTP/2とSPDYは、ページロード時間を短縮する目的で、HTTPネットワークプロトコルの新バージョンです。 より多くの情報はhttp://en.wikipedia.org/wiki/HTTP/2で見つけることができます。

                                                                                    構文

                                                                                    有効にするプロトコルを確認します。 すべてのボックスをチェックしないと、SPDYとHTTP/2のサポート(デフォルト)が有効になります。 SPDYとHTTP/2を無効にする場合は、「なし」のみをチェックし、その他のチェックボックスはすべてオフにします。

                                                                                    ヒント

                                                                                    This setting can be set at the listener and virtual host levels.

                                                                                    +

                                                                                    SPDY/HTTP2を有効にする

                                                                                    説明

                                                                                    HTTP/2とSPDYは、ページロード時間を短縮する目的で、HTTPネットワークプロトコルの新バージョンです。 より多くの情報は http://en.wikipedia.org/wiki/HTTP/2 で見つけることができます。

                                                                                    構文

                                                                                    有効にするプロトコルを確認します。 すべてのボックスをチェックしないと、SPDYとHTTP/2のサポート(デフォルト)が有効になります。 SPDYとHTTP/2を無効にする場合は、「なし」のみをチェックし、その他のチェックボックスはすべてオフにします。

                                                                                    ヒント

                                                                                    This setting can be set at the listener and virtual host levels.

                                                                                    Enable HTTP3/QUIC

                                                                                    説明

                                                                                    Enables the HTTP3/QUIC network protocol for this virtual host. For this setting to take effect, both Enable HTTP3/QUIC and Open HTTP3/QUIC (UDP) port must also be set to Yes at the server and listener levels respectively. Default value is Yes.

                                                                                    構文

                                                                                    ラジオボックスから選択

                                                                                    ヒント

                                                                                    When this setting is set to No, the HTTP3/QUIC advertisement will no longer be sent. If a browser still contains cached HTTP3/QUIC information and HTTP3/QUIC is still enabled at the server and listener levels, an HTTP3/QUIC connection will continue to be used until this information is no longer cached or an HTTP3/QUIC protocol error is encountered.

                                                                                    -

                                                                                    OCSPステープリング

                                                                                    説明

                                                                                    オンライン証明書ステータスプロトコル(OCSP)は、デジタル証明書が有効かどうかを確認するより効率的な方法です。 OCSP応答者である他のサーバーと通信して、証明書失効リスト(CRL)をチェックする代わりに証明書が有効であることを確認します。
                                                                                    OCSPステープリングは、このプロトコルのさらなる改良であり、証明書が要求されるたびにではなく、定期的な間隔でサーバーがOCSPレスポンダを確認できるようにします。 詳細については、OCSP Wikipediaのページをご覧ください。

                                                                                    +

                                                                                    OCSPステープリング

                                                                                    説明

                                                                                    オンライン証明書ステータスプロトコル(OCSP)は、デジタル証明書が有効かどうかを確認するより効率的な方法です。 OCSP応答者である他のサーバーと通信して、証明書失効リスト(CRL)をチェックする代わりに証明書が有効であることを確認します。
                                                                                    OCSPステープリングは、このプロトコルのさらなる改良であり、証明書が要求されるたびにではなく、定期的な間隔でサーバーがOCSPレスポンダを確認できるようにします。 詳細については、 OCSP Wikipedia のページをご覧ください。

                                                                                    OCSPステープルを有効にする

                                                                                    説明

                                                                                    OCSPステープルを有効にするかどうかを決定します。これは、公開鍵証明書を検証するより効率的な方法です。

                                                                                    構文

                                                                                    ラジオボックスから選択

                                                                                    OCSPの応答最大年齢(秒)

                                                                                    説明

                                                                                    このオプションは、OCSP応答の許容可能な最大経過時間を設定します。 OCSP応答がこの最大年齢より古い場合、サーバーはOCSP応答者に新しい応答を要求します。 デフォルト値は86400です。 この値を-1に設定すると、最大年齢を無効にすることができます。

                                                                                    構文

                                                                                    秒数

                                                                                    OCSPレスポンダ

                                                                                    説明

                                                                                    使用するOCSPレスポンダのURLを指定します。 設定されていない場合、サーバーは認証局の発行者証明書に記載されているOCSPレスポンダに接続を試みます。 一部の発行者証明書には、OCSPレスポンダURLが指定されていない場合があります。

                                                                                    構文

                                                                                    http://で始まるURL

                                                                                    http://rapidssl-ocsp.geotrust.com
                                                                                    diff --git a/dist/docs/ja-JP/VHSecurity_Help.html b/dist/docs/ja-JP/VHSecurity_Help.html index 8a843415c..497a5af13 100644 --- a/dist/docs/ja-JP/VHSecurity_Help.html +++ b/dist/docs/ja-JP/VHSecurity_Help.html @@ -15,7 +15,7 @@ openlitespeed logo

                                                                                    OpenLiteSpeed Web Server ユーザーズマニュアル

                                                                                    -
                                                                                    Version 1.4  — Rev. 3
                                                                                    +
                                                                                    Version 1.4  — Rev. 4
                                                                                      @@ -97,7 +97,7 @@

                                                                                      バーチャルホストのセキュリティ

                                                                                      目次

                                                                                      reCAPTCHA Type

                                                                                      説明

                                                                                      Specify the reCAPTCHA type to use with the key pairs. If a key pair has not been provided and this setting is set to Not Set, a default key pair of type Invisible will be used.
                                                                                      Checkbox will display a checkbox reCAPTCHA for the visitor to validate.
                                                                                      Invisible will attempt to validate the reCAPTCHA automatically and if successful, will redirect to the desired page.

                                                                                      Default value is Invisible.

                                                                                      構文

                                                                                      ドロップダウンリストから選択

                                                                                    Max Tries

                                                                                    説明

                                                                                    Max Tries specifies the maximum number of reCAPTCHA attempts permitted before denying the visitor.

                                                                                    Default value is 3.

                                                                                    構文

                                                                                    整数

                                                                                    Concurrent Request Limit

                                                                                    説明

                                                                                    The number of concurrent requests needed to activate reCAPTCHA. reCAPTCHA will be used until concurrent requests drop below this number.

                                                                                    Default value is 15000.

                                                                                    構文

                                                                                    整数

                                                                                    -

                                                                                    Bubblewrap Container

                                                                                    説明

                                                                                    Set to On if you wish to start CGI processes (including PHP programs) in a bubblewrap sandbox. See https://wiki.archlinux.org/index.php/Bubblewrap for details on using bubblewrap. Bubblewrap must be installed on your system prior to using this setting.

                                                                                    This setting cannot be turned on at the Virtual Host level if set to "Disabled" at the Server level.

                                                                                    Default values:
                                                                                    Server level: Disabled
                                                                                    VH level: Inherit Server level setting

                                                                                    構文

                                                                                    ドロップダウンリストから選択

                                                                                    +

                                                                                    Bubblewrap Container

                                                                                    説明

                                                                                    Set to On if you wish to start CGI processes (including PHP programs) in a bubblewrap sandbox. See https://wiki.archlinux.org/title/Bubblewrap for details on using bubblewrap. Bubblewrap must be installed on your system prior to using this setting.

                                                                                    This setting cannot be turned on at the Virtual Host level if set to "Disabled" at the Server level.

                                                                                    Default values:
                                                                                    Server level: Disabled
                                                                                    VH level: Inherit Server level setting

                                                                                    構文

                                                                                    ドロップダウンリストから選択

                                                                                    アクセス制御

                                                                                    説明

                                                                                    どのサブネットワークおよび/またはIPアドレスがサーバーにアクセスできるかを指定します。 サーバレベルでは、この設定はすべてのバーチャルホストに影響します。 バーチャルホストレベルで各バーチャルホストに固有のアクセス制御を設定することもできます。 バーチャルホストレベルの設定はサーバーレベルの設定を上書きしません。

                                                                                    ブロック/ IPの許可は、許可リストと拒否リストの組み合わせによって決まります。 特定のIPまたはサブネットワークのみをブロックする場合は、許可リスト*またはALLを入れ、ブロックされたIPまたはサブネットワークを拒否リスト
                                                                                    特定のIPまたはサブネットワークのみを許可する場合は、拒否リスト*またはALLを入れ、許可されたIPまたはサブネットワークを許可リスト
                                                                                    IPに適合する最小スコープの設定は、アクセスを決定するために使用されます。

                                                                                    サーバーレベル:信頼できるIPまたはサブネットワークは、許可リストに、末尾の "T"を追加することで指定する必要があります。 信頼できるIPまたはサブネットワークは、接続/スロットリング制限の影響を受けません。 信頼できるIP/サブネットワークは、サーバーレベルのアクセス制御でのみ設定できます。

                                                                                    ヒント

                                                                                    [セキュリティ]すべてのバーチャルホストに適用される一般的な制限については、サーバーレベルでこれを使用してください。

                                                                                    許可リスト

                                                                                    説明

                                                                                    許可されるIPまたはサブネットワークのリストを指定します。 *またはALLが受け入れられます。

                                                                                    構文

                                                                                    IPアドレスまたはサブネットワークのカンマ区切りリスト。 末尾の「T」は、192.168.1.*Tなどの信頼できるIPまたはサブネットワークを示すために使用できます。

                                                                                    Sub-networks: 192.168.1.0/255.255.255.0, 192.168.1.0/24, 192.168.1, or 192.168.1.*
                                                                                    IPv6 addresses: ::1 or [::1]
                                                                                    IPv6 subnets: 3ffe:302:11:2:20f:1fff:fe29:717c/64 or [3ffe:302:11:2:20f:1fff:fe29:717c]/64

                                                                                    ヒント

                                                                                    [セキュリティ]サーバーレベルのアクセス制御で設定された信頼されたIPまたはサブネットワークは、接続/スロットリングの制限から除外されます。

                                                                                    拒否リスト

                                                                                    説明

                                                                                    許可されていないIPまたはサブネットワークのリストを指定します。

                                                                                    構文

                                                                                    IPアドレスまたはサブネットワークのカンマ区切りリスト。 *またはALLが受け入れられます。

                                                                                    Sub-networks: 192.168.1.0/255.255.255.0, 192.168.1.0/24, 192.168.1, or 192.168.1.*
                                                                                    IPv6 addresses: ::1 or [::1]
                                                                                    IPv6 subnets: 3ffe:302:11:2:20f:1fff:fe29:717c/64 or [3ffe:302:11:2:20f:1fff:fe29:717c]/64
                                                                                    diff --git a/dist/docs/ja-JP/VHWebSocket_Help.html b/dist/docs/ja-JP/VHWebSocket_Help.html index 20be7bc5e..677537f05 100644 --- a/dist/docs/ja-JP/VHWebSocket_Help.html +++ b/dist/docs/ja-JP/VHWebSocket_Help.html @@ -15,7 +15,7 @@ openlitespeed logo

                                                                                    OpenLiteSpeed Web Server ユーザーズマニュアル

                                                                                    -
                                                                                    Version 1.4  — Rev. 3
                                                                                    +
                                                                                    Version 1.4  — Rev. 4
                                                                                      diff --git a/dist/docs/ja-JP/VirtualHosts_Help.html b/dist/docs/ja-JP/VirtualHosts_Help.html index 2b40f9c4a..a69b82ed2 100644 --- a/dist/docs/ja-JP/VirtualHosts_Help.html +++ b/dist/docs/ja-JP/VirtualHosts_Help.html @@ -15,7 +15,7 @@ openlitespeed logo

                                                                                      OpenLiteSpeed Web Server ユーザーズマニュアル

                                                                                      -
                                                                                      Version 1.4  — Rev. 3
                                                                                      +
                                                                                      Version 1.4  — Rev. 4
                                                                                        diff --git a/dist/docs/ja-JP/admin.html b/dist/docs/ja-JP/admin.html index 8ad96650a..e6beda4ed 100644 --- a/dist/docs/ja-JP/admin.html +++ b/dist/docs/ja-JP/admin.html @@ -15,7 +15,7 @@ openlitespeed logo

                                                                                        OpenLiteSpeed Web Server ユーザーズマニュアル

                                                                                        -
                                                                                        Version 1.4  — Rev. 3
                                                                                        +
                                                                                        Version 1.4  — Rev. 4
                                                                                          diff --git a/dist/docs/ja-JP/config.html b/dist/docs/ja-JP/config.html index 6bc919ef3..341c99384 100644 --- a/dist/docs/ja-JP/config.html +++ b/dist/docs/ja-JP/config.html @@ -15,7 +15,7 @@ openlitespeed logo

                                                                                          OpenLiteSpeed Web Server ユーザーズマニュアル

                                                                                          -
                                                                                          Version 1.4  — Rev. 3
                                                                                          +
                                                                                          Version 1.4  — Rev. 4
                                                                                            diff --git a/dist/docs/ja-JP/index.html b/dist/docs/ja-JP/index.html index dfe7b60f1..0aa3cf0e6 100644 --- a/dist/docs/ja-JP/index.html +++ b/dist/docs/ja-JP/index.html @@ -15,7 +15,7 @@ openlitespeed logo

                                                                                            OpenLiteSpeed Web Server ユーザーズマニュアル

                                                                                            -
                                                                                            Version 1.4  — Rev. 3
                                                                                            +
                                                                                            Version 1.4  — Rev. 4
                                                                                              @@ -84,7 +84,7 @@
                                                                                              Version 1.4  — Rev. 3

                                                                                              OpenLiteSpeed Web Server 1.4

                                                                                              ユーザーズマニュアル

                                                                                              -

                                                                                              — Rev. 3

                                                                                              +

                                                                                              — Rev. 4

                                                                                              diff --git a/dist/docs/ja-JP/install.html b/dist/docs/ja-JP/install.html index a068e071c..926c6437a 100644 --- a/dist/docs/ja-JP/install.html +++ b/dist/docs/ja-JP/install.html @@ -15,7 +15,7 @@ openlitespeed logo

                                                                                              OpenLiteSpeed Web Server ユーザーズマニュアル

                                                                                              -
                                                                                              Version 1.4  — Rev. 3
                                                                                              +
                                                                                              Version 1.4  — Rev. 4
                                                                                                diff --git a/dist/docs/ja-JP/intro.html b/dist/docs/ja-JP/intro.html index 96484f3a6..793b56c97 100644 --- a/dist/docs/ja-JP/intro.html +++ b/dist/docs/ja-JP/intro.html @@ -15,7 +15,7 @@ openlitespeed logo

                                                                                                OpenLiteSpeed Web Server ユーザーズマニュアル

                                                                                                -
                                                                                                Version 1.4  — Rev. 3
                                                                                                +
                                                                                                Version 1.4  — Rev. 4
                                                                                                  diff --git a/dist/docs/ja-JP/license.html b/dist/docs/ja-JP/license.html index 7cbcbb080..3c414dbc2 100644 --- a/dist/docs/ja-JP/license.html +++ b/dist/docs/ja-JP/license.html @@ -15,7 +15,7 @@ openlitespeed logo

                                                                                                  OpenLiteSpeed Web Server ユーザーズマニュアル

                                                                                                  -
                                                                                                  Version 1.4  — Rev. 3
                                                                                                  +
                                                                                                  Version 1.4  — Rev. 4
                                                                                                    diff --git a/dist/docs/ja-JP/security.html b/dist/docs/ja-JP/security.html index c5bcc344a..1bd43619f 100644 --- a/dist/docs/ja-JP/security.html +++ b/dist/docs/ja-JP/security.html @@ -15,7 +15,7 @@ openlitespeed logo

                                                                                                    OpenLiteSpeed Web Server ユーザーズマニュアル

                                                                                                    -
                                                                                                    Version 1.4  — Rev. 3
                                                                                                    +
                                                                                                    Version 1.4  — Rev. 4
                                                                                                      diff --git a/dist/docs/ja-JP/webconsole.html b/dist/docs/ja-JP/webconsole.html index 8dcdcdf84..2c1f64ef7 100644 --- a/dist/docs/ja-JP/webconsole.html +++ b/dist/docs/ja-JP/webconsole.html @@ -15,7 +15,7 @@ openlitespeed logo

                                                                                                      OpenLiteSpeed Web Server ユーザーズマニュアル

                                                                                                      -
                                                                                                      Version 1.4  — Rev. 3
                                                                                                      +
                                                                                                      Version 1.4  — Rev. 4
                                                                                                        diff --git a/dist/docs/license.html b/dist/docs/license.html index 250ff1320..5934a3b00 100644 --- a/dist/docs/license.html +++ b/dist/docs/license.html @@ -17,7 +17,7 @@

                                                                                                        OpenLiteSpeed Web Server Users' Manual

                                                                                                        -

                                                                                                        Version 1.7  — Rev. 28

                                                                                                        +

                                                                                                        Version 1.7  — Rev. 29

                                                                                                          diff --git a/dist/docs/security.html b/dist/docs/security.html index 259a6c68f..d8f49fbe1 100644 --- a/dist/docs/security.html +++ b/dist/docs/security.html @@ -17,7 +17,7 @@

                                                                                                          OpenLiteSpeed Web Server Users' Manual

                                                                                                          -

                                                                                                          Version 1.7  — Rev. 28

                                                                                                          +

                                                                                                          Version 1.7  — Rev. 29

                                                                                                            diff --git a/dist/docs/webconsole.html b/dist/docs/webconsole.html index 39c593a72..c1db0eda5 100644 --- a/dist/docs/webconsole.html +++ b/dist/docs/webconsole.html @@ -17,7 +17,7 @@

                                                                                                            OpenLiteSpeed Web Server Users' Manual

                                                                                                            -

                                                                                                            Version 1.7  — Rev. 28

                                                                                                            +

                                                                                                            Version 1.7  — Rev. 29

                                                                                                              diff --git a/dist/docs/zh-CN/AdminGeneral_Help.html b/dist/docs/zh-CN/AdminGeneral_Help.html index d3da8386f..d724702d7 100644 --- a/dist/docs/zh-CN/AdminGeneral_Help.html +++ b/dist/docs/zh-CN/AdminGeneral_Help.html @@ -17,7 +17,7 @@

                                                                                                              OpenLiteSpeed Web Server Users' Manual

                                                                                                              -

                                                                                                              Version 1.7  — Rev. 18

                                                                                                              +

                                                                                                              Version 1.7  — Rev. 19

                                                                                                                diff --git a/dist/docs/zh-CN/AdminListeners_General_Help.html b/dist/docs/zh-CN/AdminListeners_General_Help.html index 127f96963..e6a6864e2 100644 --- a/dist/docs/zh-CN/AdminListeners_General_Help.html +++ b/dist/docs/zh-CN/AdminListeners_General_Help.html @@ -17,7 +17,7 @@

                                                                                                                OpenLiteSpeed Web Server Users' Manual

                                                                                                                -

                                                                                                                Version 1.7  — Rev. 18

                                                                                                                +

                                                                                                                Version 1.7  — Rev. 19

                                                                                                                  diff --git a/dist/docs/zh-CN/AdminListeners_SSL_Help.html b/dist/docs/zh-CN/AdminListeners_SSL_Help.html index 8f6d5d25d..622842173 100644 --- a/dist/docs/zh-CN/AdminListeners_SSL_Help.html +++ b/dist/docs/zh-CN/AdminListeners_SSL_Help.html @@ -17,7 +17,7 @@

                                                                                                                  OpenLiteSpeed Web Server Users' Manual

                                                                                                                  -

                                                                                                                  Version 1.7  — Rev. 18

                                                                                                                  +

                                                                                                                  Version 1.7  — Rev. 19

                                                                                                                    diff --git a/dist/docs/zh-CN/AdminSecurity_Help.html b/dist/docs/zh-CN/AdminSecurity_Help.html index 66a729936..42fe92345 100644 --- a/dist/docs/zh-CN/AdminSecurity_Help.html +++ b/dist/docs/zh-CN/AdminSecurity_Help.html @@ -17,7 +17,7 @@

                                                                                                                    OpenLiteSpeed Web Server Users' Manual

                                                                                                                    -

                                                                                                                    Version 1.7  — Rev. 18

                                                                                                                    +

                                                                                                                    Version 1.7  — Rev. 19

                                                                                                                      diff --git a/dist/docs/zh-CN/App_Server_Context.html b/dist/docs/zh-CN/App_Server_Context.html index e4b4dc56f..4bd183d49 100644 --- a/dist/docs/zh-CN/App_Server_Context.html +++ b/dist/docs/zh-CN/App_Server_Context.html @@ -17,7 +17,7 @@

                                                                                                                      OpenLiteSpeed Web Server Users' Manual

                                                                                                                      -

                                                                                                                      Version 1.7  — Rev. 18

                                                                                                                      +

                                                                                                                      Version 1.7  — Rev. 19

                                                                                                                        @@ -119,7 +119,7 @@

                                                                                                                        App Server Context

                                                                                                                        Table of Contents

                                                                                                                        Require(授权的用户/组)

                                                                                                                        Description

                                                                                                                        指定哪些用户/用户组可以访问此context。 这里允许你使用一个用户/组数据库(在 中指定)访问多个context, 但只允许该数据库下特定的用户/组访问这个context。

                                                                                                                        Syntax

                                                                                                                        Syntax is compatible with Apache's Require directive. For example:

                                                                                                                        • user username [username ...]
                                                                                                                          Only listed users can access this context.
                                                                                                                        • group groupid [groupid ...]
                                                                                                                          Only users belonging to the listed groups can access this context.
                                                                                                                        If this setting is not specified, all valid users will be allowed to access this resource.

                                                                                                                      允许访问列表

                                                                                                                      Description

                                                                                                                      指定允许访问这个context下资源的IP地址或子网。综合 拒绝访问列表项的配置以及服务器/虚拟主机级别访问控制, 可访问性将以客户端IP所符合的最小范围来确定。

                                                                                                                      Syntax

                                                                                                                      Comma-delimited list of IPs/sub-networks.

                                                                                                                      例子

                                                                                                                      网络可以写成192.168.1.0/255.255.255.0, 192.168.1192.168.1.*

                                                                                                                      拒绝访问列表

                                                                                                                      Description

                                                                                                                      指定哪个IP地址或子网不被允许访问这个context下的资源。 综合允许访问列表项的配置以及服务器/虚拟主机级别访问控制, 可访问性将以客户端IP所符合的最小范围来确定。

                                                                                                                      Syntax

                                                                                                                      Comma-delimited list of IPs/sub-networks.

                                                                                                                      例子

                                                                                                                      子网络可以写成192.168.1.0/255.255.255.0, 192.168.1192.168.1.*
                                                                                                                      -

                                                                                                                      Authorizer

                                                                                                                      Description

                                                                                                                      指定可用于生成授权/未授权 decisions的外部应用程序。 目前,仅FastCGI授权器可用。 有关FastCGI授权者角色的更多详细信息, 请访问http://www.fastcgi.com

                                                                                                                      Syntax

                                                                                                                      从列表中选择

                                                                                                                      +

                                                                                                                      Authorizer

                                                                                                                      Description

                                                                                                                      指定可用于生成授权/未授权 decisions的外部应用程序。 目前,仅FastCGI授权器可用。 有关FastCGI授权者角色的更多详细信息, 请访问https://fastcgi-archives.github.io/

                                                                                                                      Syntax

                                                                                                                      从列表中选择

                                                                                                                      启用重写

                                                                                                                      Description

                                                                                                                      指定是否启用LiteSpeed的URL重写. 可以在虚拟主机或context级别上自定义此选项, 并且沿目录树继承该选项,直到被其他选项覆。

                                                                                                                      Syntax

                                                                                                                      从单选框选择

                                                                                                                      重写继承

                                                                                                                      Description

                                                                                                                      指定是否从父级context继承重写规则。 如果启用重写但不继承,将启用本context的重写基准及重写规则。

                                                                                                                      Syntax

                                                                                                                      从单选框选择

                                                                                                                      重写基准

                                                                                                                      Description

                                                                                                                      指定重写规则的基准URL。

                                                                                                                      Syntax

                                                                                                                      URL

                                                                                                                      diff --git a/dist/docs/zh-CN/App_Server_Help.html b/dist/docs/zh-CN/App_Server_Help.html index a0583faae..3e8a83858 100644 --- a/dist/docs/zh-CN/App_Server_Help.html +++ b/dist/docs/zh-CN/App_Server_Help.html @@ -17,7 +17,7 @@

                                                                                                                      OpenLiteSpeed Web Server Users' Manual

                                                                                                                      -

                                                                                                                      Version 1.7  — Rev. 18

                                                                                                                      +

                                                                                                                      Version 1.7  — Rev. 19

                                                                                                                        diff --git a/dist/docs/zh-CN/CGI_Context.html b/dist/docs/zh-CN/CGI_Context.html index c091ebafb..ee6c17ac4 100644 --- a/dist/docs/zh-CN/CGI_Context.html +++ b/dist/docs/zh-CN/CGI_Context.html @@ -17,7 +17,7 @@

                                                                                                                        OpenLiteSpeed Web Server Users' Manual

                                                                                                                        -

                                                                                                                        Version 1.7  — Rev. 18

                                                                                                                        +

                                                                                                                        Version 1.7  — Rev. 19

                                                                                                                          @@ -109,7 +109,7 @@

                                                                                                                          CGI Context

                                                                                                                          Table of Contents

                                                                                                                          Require(授权的用户/组)

                                                                                                                          Description

                                                                                                                          指定哪些用户/用户组可以访问此context。 这里允许你使用一个用户/组数据库(在 中指定)访问多个context, 但只允许该数据库下特定的用户/组访问这个context。

                                                                                                                          Syntax

                                                                                                                          Syntax is compatible with Apache's Require directive. For example:

                                                                                                                          • user username [username ...]
                                                                                                                            Only listed users can access this context.
                                                                                                                          • group groupid [groupid ...]
                                                                                                                            Only users belonging to the listed groups can access this context.
                                                                                                                          If this setting is not specified, all valid users will be allowed to access this resource.

                                                                                                                        允许访问列表

                                                                                                                        Description

                                                                                                                        指定允许访问这个context下资源的IP地址或子网。综合 拒绝访问列表项的配置以及服务器/虚拟主机级别访问控制, 可访问性将以客户端IP所符合的最小范围来确定。

                                                                                                                        Syntax

                                                                                                                        Comma-delimited list of IPs/sub-networks.

                                                                                                                        例子

                                                                                                                        网络可以写成192.168.1.0/255.255.255.0, 192.168.1192.168.1.*

                                                                                                                        拒绝访问列表

                                                                                                                        Description

                                                                                                                        指定哪个IP地址或子网不被允许访问这个context下的资源。 综合允许访问列表项的配置以及服务器/虚拟主机级别访问控制, 可访问性将以客户端IP所符合的最小范围来确定。

                                                                                                                        Syntax

                                                                                                                        Comma-delimited list of IPs/sub-networks.

                                                                                                                        例子

                                                                                                                        子网络可以写成192.168.1.0/255.255.255.0, 192.168.1192.168.1.*
                                                                                                                        -

                                                                                                                        Authorizer

                                                                                                                        Description

                                                                                                                        指定可用于生成授权/未授权 decisions的外部应用程序。 目前,仅FastCGI授权器可用。 有关FastCGI授权者角色的更多详细信息, 请访问http://www.fastcgi.com

                                                                                                                        Syntax

                                                                                                                        从列表中选择

                                                                                                                        +

                                                                                                                        Authorizer

                                                                                                                        Description

                                                                                                                        指定可用于生成授权/未授权 decisions的外部应用程序。 目前,仅FastCGI授权器可用。 有关FastCGI授权者角色的更多详细信息, 请访问https://fastcgi-archives.github.io/

                                                                                                                        Syntax

                                                                                                                        从列表中选择

                                                                                                                        添加默认的字符集

                                                                                                                        Description

                                                                                                                        S指定当内容类型是"text/html"或"text/plain"且没有参数时,是否添加字符集标记到"Content-Type"响应报头中。当设置为Off时,该功能禁用。当设置为On时,将添加自定义默认字符集中指定的字符集,如果没有指定,将添加默认的"iso-8859-1"字符集。

                                                                                                                        Syntax

                                                                                                                        从单选框选择

                                                                                                                        启用重写

                                                                                                                        Description

                                                                                                                        指定是否启用LiteSpeed的URL重写. 可以在虚拟主机或context级别上自定义此选项, 并且沿目录树继承该选项,直到被其他选项覆。

                                                                                                                        Syntax

                                                                                                                        从单选框选择

                                                                                                                        diff --git a/dist/docs/zh-CN/CompilePHP_Help.html b/dist/docs/zh-CN/CompilePHP_Help.html index ba3f0eb56..4cf9778e5 100644 --- a/dist/docs/zh-CN/CompilePHP_Help.html +++ b/dist/docs/zh-CN/CompilePHP_Help.html @@ -17,7 +17,7 @@

                                                                                                                        OpenLiteSpeed Web Server Users' Manual

                                                                                                                        -

                                                                                                                        Version 1.7  — Rev. 18

                                                                                                                        +

                                                                                                                        Version 1.7  — Rev. 19

                                                                                                                          diff --git a/dist/docs/zh-CN/Context_Help.html b/dist/docs/zh-CN/Context_Help.html index 246b3b2ec..755bd6eb0 100644 --- a/dist/docs/zh-CN/Context_Help.html +++ b/dist/docs/zh-CN/Context_Help.html @@ -17,7 +17,7 @@

                                                                                                                          OpenLiteSpeed Web Server Users' Manual

                                                                                                                          -

                                                                                                                          Version 1.7  — Rev. 18

                                                                                                                          +

                                                                                                                          Version 1.7  — Rev. 19

                                                                                                                            diff --git a/dist/docs/zh-CN/ExtApp_Help.html b/dist/docs/zh-CN/ExtApp_Help.html index 9534718f5..a2cc47686 100644 --- a/dist/docs/zh-CN/ExtApp_Help.html +++ b/dist/docs/zh-CN/ExtApp_Help.html @@ -17,7 +17,7 @@

                                                                                                                            OpenLiteSpeed Web Server Users' Manual

                                                                                                                            -

                                                                                                                            Version 1.7  — Rev. 18

                                                                                                                            +

                                                                                                                            Version 1.7  — Rev. 19

                                                                                                                              @@ -109,7 +109,7 @@

                                                                                                                              外部应用

                                                                                                                              LiteSpeed网络服
                                                                                                                            • FastCGI 是一个快速,开源,安全的web服务器接口,它解决了CGI固有的性能问题,而没有引入专有API(应用编程接口), - 对于更多的信息,请访问 http://www.fastcgi.com. + 对于更多的信息,请访问 https://fastcgi-archives.github.io/. 在 LiteSpeed Web Server, FastCGI 应用可以发挥两种作用: 创造动态响应 (响应者角色) 或者 diff --git a/dist/docs/zh-CN/External_FCGI.html b/dist/docs/zh-CN/External_FCGI.html index 7f2a1f1da..6c2e08c98 100644 --- a/dist/docs/zh-CN/External_FCGI.html +++ b/dist/docs/zh-CN/External_FCGI.html @@ -17,7 +17,7 @@

                                                                                                                              OpenLiteSpeed Web Server Users' Manual

                                                                                                                              -

                                                                                                                              Version 1.7  — Rev. 18

                                                                                                                              +

                                                                                                                              Version 1.7  — Rev. 19

                                                                                                                                diff --git a/dist/docs/zh-CN/External_FCGI_Auth.html b/dist/docs/zh-CN/External_FCGI_Auth.html index f9cec2e40..260247889 100644 --- a/dist/docs/zh-CN/External_FCGI_Auth.html +++ b/dist/docs/zh-CN/External_FCGI_Auth.html @@ -17,7 +17,7 @@

                                                                                                                                OpenLiteSpeed Web Server Users' Manual

                                                                                                                                -

                                                                                                                                Version 1.7  — Rev. 18

                                                                                                                                +

                                                                                                                                Version 1.7  — Rev. 19

                                                                                                                                  diff --git a/dist/docs/zh-CN/External_LB.html b/dist/docs/zh-CN/External_LB.html index 8a35c6106..d1ee811a4 100644 --- a/dist/docs/zh-CN/External_LB.html +++ b/dist/docs/zh-CN/External_LB.html @@ -17,7 +17,7 @@

                                                                                                                                  OpenLiteSpeed Web Server Users' Manual

                                                                                                                                  -

                                                                                                                                  Version 1.7  — Rev. 18

                                                                                                                                  +

                                                                                                                                  Version 1.7  — Rev. 19

                                                                                                                                    diff --git a/dist/docs/zh-CN/External_LSAPI.html b/dist/docs/zh-CN/External_LSAPI.html index 653303ec5..af0646995 100644 --- a/dist/docs/zh-CN/External_LSAPI.html +++ b/dist/docs/zh-CN/External_LSAPI.html @@ -17,7 +17,7 @@

                                                                                                                                    OpenLiteSpeed Web Server Users' Manual

                                                                                                                                    -

                                                                                                                                    Version 1.7  — Rev. 18

                                                                                                                                    +

                                                                                                                                    Version 1.7  — Rev. 19

                                                                                                                                      diff --git a/dist/docs/zh-CN/External_PL.html b/dist/docs/zh-CN/External_PL.html index 0e9a849e4..f4c1a523b 100644 --- a/dist/docs/zh-CN/External_PL.html +++ b/dist/docs/zh-CN/External_PL.html @@ -17,7 +17,7 @@

                                                                                                                                      OpenLiteSpeed Web Server Users' Manual

                                                                                                                                      -

                                                                                                                                      Version 1.7  — Rev. 18

                                                                                                                                      +

                                                                                                                                      Version 1.7  — Rev. 19

                                                                                                                                        diff --git a/dist/docs/zh-CN/External_Servlet.html b/dist/docs/zh-CN/External_Servlet.html index d0ff30a89..67ab1452d 100644 --- a/dist/docs/zh-CN/External_Servlet.html +++ b/dist/docs/zh-CN/External_Servlet.html @@ -17,7 +17,7 @@

                                                                                                                                        OpenLiteSpeed Web Server Users' Manual

                                                                                                                                        -

                                                                                                                                        Version 1.7  — Rev. 18

                                                                                                                                        +

                                                                                                                                        Version 1.7  — Rev. 19

                                                                                                                                          diff --git a/dist/docs/zh-CN/External_WS.html b/dist/docs/zh-CN/External_WS.html index be48c6a6f..85de5fcfc 100644 --- a/dist/docs/zh-CN/External_WS.html +++ b/dist/docs/zh-CN/External_WS.html @@ -17,7 +17,7 @@

                                                                                                                                          OpenLiteSpeed Web Server Users' Manual

                                                                                                                                          -

                                                                                                                                          Version 1.7  — Rev. 18

                                                                                                                                          +

                                                                                                                                          Version 1.7  — Rev. 19

                                                                                                                                            diff --git a/dist/docs/zh-CN/FCGI_Context.html b/dist/docs/zh-CN/FCGI_Context.html index 5808a8cff..974196fe9 100644 --- a/dist/docs/zh-CN/FCGI_Context.html +++ b/dist/docs/zh-CN/FCGI_Context.html @@ -17,7 +17,7 @@

                                                                                                                                            OpenLiteSpeed Web Server Users' Manual

                                                                                                                                            -

                                                                                                                                            Version 1.7  — Rev. 18

                                                                                                                                            +

                                                                                                                                            Version 1.7  — Rev. 19

                                                                                                                                              @@ -108,7 +108,7 @@

                                                                                                                                              Fast CGI Context

                                                                                                                                              Table of Contents

                                                                                                                                              Require(授权的用户/组)

                                                                                                                                              Description

                                                                                                                                              指定哪些用户/用户组可以访问此context。 这里允许你使用一个用户/组数据库(在 中指定)访问多个context, 但只允许该数据库下特定的用户/组访问这个context。

                                                                                                                                              Syntax

                                                                                                                                              Syntax is compatible with Apache's Require directive. For example:

                                                                                                                                              • user username [username ...]
                                                                                                                                                Only listed users can access this context.
                                                                                                                                              • group groupid [groupid ...]
                                                                                                                                                Only users belonging to the listed groups can access this context.
                                                                                                                                              If this setting is not specified, all valid users will be allowed to access this resource.

                                                                                                                                            允许访问列表

                                                                                                                                            Description

                                                                                                                                            指定允许访问这个context下资源的IP地址或子网。综合 拒绝访问列表项的配置以及服务器/虚拟主机级别访问控制, 可访问性将以客户端IP所符合的最小范围来确定。

                                                                                                                                            Syntax

                                                                                                                                            Comma-delimited list of IPs/sub-networks.

                                                                                                                                            例子

                                                                                                                                            网络可以写成192.168.1.0/255.255.255.0, 192.168.1192.168.1.*

                                                                                                                                            拒绝访问列表

                                                                                                                                            Description

                                                                                                                                            指定哪个IP地址或子网不被允许访问这个context下的资源。 综合允许访问列表项的配置以及服务器/虚拟主机级别访问控制, 可访问性将以客户端IP所符合的最小范围来确定。

                                                                                                                                            Syntax

                                                                                                                                            Comma-delimited list of IPs/sub-networks.

                                                                                                                                            例子

                                                                                                                                            子网络可以写成192.168.1.0/255.255.255.0, 192.168.1192.168.1.*
                                                                                                                                            -

                                                                                                                                            Authorizer

                                                                                                                                            Description

                                                                                                                                            指定可用于生成授权/未授权 decisions的外部应用程序。 目前,仅FastCGI授权器可用。 有关FastCGI授权者角色的更多详细信息, 请访问http://www.fastcgi.com

                                                                                                                                            Syntax

                                                                                                                                            从列表中选择

                                                                                                                                            +

                                                                                                                                            Authorizer

                                                                                                                                            Description

                                                                                                                                            指定可用于生成授权/未授权 decisions的外部应用程序。 目前,仅FastCGI授权器可用。 有关FastCGI授权者角色的更多详细信息, 请访问https://fastcgi-archives.github.io/

                                                                                                                                            Syntax

                                                                                                                                            从列表中选择

                                                                                                                                            添加默认的字符集

                                                                                                                                            Description

                                                                                                                                            S指定当内容类型是"text/html"或"text/plain"且没有参数时,是否添加字符集标记到"Content-Type"响应报头中。当设置为Off时,该功能禁用。当设置为On时,将添加自定义默认字符集中指定的字符集,如果没有指定,将添加默认的"iso-8859-1"字符集。

                                                                                                                                            Syntax

                                                                                                                                            从单选框选择

                                                                                                                                            diff --git a/dist/docs/zh-CN/Java_Web_App_Context.html b/dist/docs/zh-CN/Java_Web_App_Context.html index a355b559d..6b6bd152e 100644 --- a/dist/docs/zh-CN/Java_Web_App_Context.html +++ b/dist/docs/zh-CN/Java_Web_App_Context.html @@ -17,7 +17,7 @@

                                                                                                                                            OpenLiteSpeed Web Server Users' Manual

                                                                                                                                            -

                                                                                                                                            Version 1.7  — Rev. 18

                                                                                                                                            +

                                                                                                                                            Version 1.7  — Rev. 19

                                                                                                                                              @@ -114,7 +114,7 @@

                                                                                                                                              Java Web App Context

                                                                                                                                              Table of Contents

                                                                                                                                              Require(授权的用户/组)

                                                                                                                                              Description

                                                                                                                                              指定哪些用户/用户组可以访问此context。 这里允许你使用一个用户/组数据库(在 中指定)访问多个context, 但只允许该数据库下特定的用户/组访问这个context。

                                                                                                                                              Syntax

                                                                                                                                              Syntax is compatible with Apache's Require directive. For example:

                                                                                                                                              • user username [username ...]
                                                                                                                                                Only listed users can access this context.
                                                                                                                                              • group groupid [groupid ...]
                                                                                                                                                Only users belonging to the listed groups can access this context.
                                                                                                                                              If this setting is not specified, all valid users will be allowed to access this resource.

                                                                                                                                            允许访问列表

                                                                                                                                            Description

                                                                                                                                            指定允许访问这个context下资源的IP地址或子网。综合 拒绝访问列表项的配置以及服务器/虚拟主机级别访问控制, 可访问性将以客户端IP所符合的最小范围来确定。

                                                                                                                                            Syntax

                                                                                                                                            Comma-delimited list of IPs/sub-networks.

                                                                                                                                            例子

                                                                                                                                            网络可以写成192.168.1.0/255.255.255.0, 192.168.1192.168.1.*

                                                                                                                                            拒绝访问列表

                                                                                                                                            Description

                                                                                                                                            指定哪个IP地址或子网不被允许访问这个context下的资源。 综合允许访问列表项的配置以及服务器/虚拟主机级别访问控制, 可访问性将以客户端IP所符合的最小范围来确定。

                                                                                                                                            Syntax

                                                                                                                                            Comma-delimited list of IPs/sub-networks.

                                                                                                                                            例子

                                                                                                                                            子网络可以写成192.168.1.0/255.255.255.0, 192.168.1192.168.1.*
                                                                                                                                            -

                                                                                                                                            Authorizer

                                                                                                                                            Description

                                                                                                                                            指定可用于生成授权/未授权 decisions的外部应用程序。 目前,仅FastCGI授权器可用。 有关FastCGI授权者角色的更多详细信息, 请访问http://www.fastcgi.com

                                                                                                                                            Syntax

                                                                                                                                            从列表中选择

                                                                                                                                            +

                                                                                                                                            Authorizer

                                                                                                                                            Description

                                                                                                                                            指定可用于生成授权/未授权 decisions的外部应用程序。 目前,仅FastCGI授权器可用。 有关FastCGI授权者角色的更多详细信息, 请访问https://fastcgi-archives.github.io/

                                                                                                                                            Syntax

                                                                                                                                            从列表中选择

                                                                                                                                            添加默认的字符集

                                                                                                                                            Description

                                                                                                                                            S指定当内容类型是"text/html"或"text/plain"且没有参数时,是否添加字符集标记到"Content-Type"响应报头中。当设置为Off时,该功能禁用。当设置为On时,将添加自定义默认字符集中指定的字符集,如果没有指定,将添加默认的"iso-8859-1"字符集。

                                                                                                                                            Syntax

                                                                                                                                            从单选框选择

                                                                                                                                            diff --git a/dist/docs/zh-CN/LB_Context.html b/dist/docs/zh-CN/LB_Context.html index 8eab0c91b..27f7d7c59 100644 --- a/dist/docs/zh-CN/LB_Context.html +++ b/dist/docs/zh-CN/LB_Context.html @@ -17,7 +17,7 @@

                                                                                                                                            OpenLiteSpeed Web Server Users' Manual

                                                                                                                                            -

                                                                                                                                            Version 1.7  — Rev. 18

                                                                                                                                            +

                                                                                                                                            Version 1.7  — Rev. 19

                                                                                                                                              @@ -108,7 +108,7 @@

                                                                                                                                              Load Balancer Context

                                                                                                                                              Table of Contents

                                                                                                                                              Require(授权的用户/组)

                                                                                                                                              Description

                                                                                                                                              指定哪些用户/用户组可以访问此context。 这里允许你使用一个用户/组数据库(在 中指定)访问多个context, 但只允许该数据库下特定的用户/组访问这个context。

                                                                                                                                              Syntax

                                                                                                                                              Syntax is compatible with Apache's Require directive. For example:

                                                                                                                                              • user username [username ...]
                                                                                                                                                Only listed users can access this context.
                                                                                                                                              • group groupid [groupid ...]
                                                                                                                                                Only users belonging to the listed groups can access this context.
                                                                                                                                              If this setting is not specified, all valid users will be allowed to access this resource.

                                                                                                                                            允许访问列表

                                                                                                                                            Description

                                                                                                                                            指定允许访问这个context下资源的IP地址或子网。综合 拒绝访问列表项的配置以及服务器/虚拟主机级别访问控制, 可访问性将以客户端IP所符合的最小范围来确定。

                                                                                                                                            Syntax

                                                                                                                                            Comma-delimited list of IPs/sub-networks.

                                                                                                                                            例子

                                                                                                                                            网络可以写成192.168.1.0/255.255.255.0, 192.168.1192.168.1.*

                                                                                                                                            拒绝访问列表

                                                                                                                                            Description

                                                                                                                                            指定哪个IP地址或子网不被允许访问这个context下的资源。 综合允许访问列表项的配置以及服务器/虚拟主机级别访问控制, 可访问性将以客户端IP所符合的最小范围来确定。

                                                                                                                                            Syntax

                                                                                                                                            Comma-delimited list of IPs/sub-networks.

                                                                                                                                            例子

                                                                                                                                            子网络可以写成192.168.1.0/255.255.255.0, 192.168.1192.168.1.*
                                                                                                                                            -

                                                                                                                                            Authorizer

                                                                                                                                            Description

                                                                                                                                            指定可用于生成授权/未授权 decisions的外部应用程序。 目前,仅FastCGI授权器可用。 有关FastCGI授权者角色的更多详细信息, 请访问http://www.fastcgi.com

                                                                                                                                            Syntax

                                                                                                                                            从列表中选择

                                                                                                                                            +

                                                                                                                                            Authorizer

                                                                                                                                            Description

                                                                                                                                            指定可用于生成授权/未授权 decisions的外部应用程序。 目前,仅FastCGI授权器可用。 有关FastCGI授权者角色的更多详细信息, 请访问https://fastcgi-archives.github.io/

                                                                                                                                            Syntax

                                                                                                                                            从列表中选择

                                                                                                                                            添加默认的字符集

                                                                                                                                            Description

                                                                                                                                            S指定当内容类型是"text/html"或"text/plain"且没有参数时,是否添加字符集标记到"Content-Type"响应报头中。当设置为Off时,该功能禁用。当设置为On时,将添加自定义默认字符集中指定的字符集,如果没有指定,将添加默认的"iso-8859-1"字符集。

                                                                                                                                            Syntax

                                                                                                                                            从单选框选择

                                                                                                                                            diff --git a/dist/docs/zh-CN/LSAPI_Context.html b/dist/docs/zh-CN/LSAPI_Context.html index f50a7ce0d..1da07d7bc 100644 --- a/dist/docs/zh-CN/LSAPI_Context.html +++ b/dist/docs/zh-CN/LSAPI_Context.html @@ -17,7 +17,7 @@

                                                                                                                                            OpenLiteSpeed Web Server Users' Manual

                                                                                                                                            -

                                                                                                                                            Version 1.7  — Rev. 18

                                                                                                                                            +

                                                                                                                                            Version 1.7  — Rev. 19

                                                                                                                                              @@ -108,7 +108,7 @@

                                                                                                                                              LiteSpeed SAPI Context

                                                                                                                                              Table of Contents

                                                                                                                                              Require(授权的用户/组)

                                                                                                                                              Description

                                                                                                                                              指定哪些用户/用户组可以访问此context。 这里允许你使用一个用户/组数据库(在 中指定)访问多个context, 但只允许该数据库下特定的用户/组访问这个context。

                                                                                                                                              Syntax

                                                                                                                                              Syntax is compatible with Apache's Require directive. For example:

                                                                                                                                              • user username [username ...]
                                                                                                                                                Only listed users can access this context.
                                                                                                                                              • group groupid [groupid ...]
                                                                                                                                                Only users belonging to the listed groups can access this context.
                                                                                                                                              If this setting is not specified, all valid users will be allowed to access this resource.

                                                                                                                                            允许访问列表

                                                                                                                                            Description

                                                                                                                                            指定允许访问这个context下资源的IP地址或子网。综合 拒绝访问列表项的配置以及服务器/虚拟主机级别访问控制, 可访问性将以客户端IP所符合的最小范围来确定。

                                                                                                                                            Syntax

                                                                                                                                            Comma-delimited list of IPs/sub-networks.

                                                                                                                                            例子

                                                                                                                                            网络可以写成192.168.1.0/255.255.255.0, 192.168.1192.168.1.*

                                                                                                                                            拒绝访问列表

                                                                                                                                            Description

                                                                                                                                            指定哪个IP地址或子网不被允许访问这个context下的资源。 综合允许访问列表项的配置以及服务器/虚拟主机级别访问控制, 可访问性将以客户端IP所符合的最小范围来确定。

                                                                                                                                            Syntax

                                                                                                                                            Comma-delimited list of IPs/sub-networks.

                                                                                                                                            例子

                                                                                                                                            子网络可以写成192.168.1.0/255.255.255.0, 192.168.1192.168.1.*
                                                                                                                                            -

                                                                                                                                            Authorizer

                                                                                                                                            Description

                                                                                                                                            指定可用于生成授权/未授权 decisions的外部应用程序。 目前,仅FastCGI授权器可用。 有关FastCGI授权者角色的更多详细信息, 请访问http://www.fastcgi.com

                                                                                                                                            Syntax

                                                                                                                                            从列表中选择

                                                                                                                                            +

                                                                                                                                            Authorizer

                                                                                                                                            Description

                                                                                                                                            指定可用于生成授权/未授权 decisions的外部应用程序。 目前,仅FastCGI授权器可用。 有关FastCGI授权者角色的更多详细信息, 请访问https://fastcgi-archives.github.io/

                                                                                                                                            Syntax

                                                                                                                                            从列表中选择

                                                                                                                                            添加默认的字符集

                                                                                                                                            Description

                                                                                                                                            S指定当内容类型是"text/html"或"text/plain"且没有参数时,是否添加字符集标记到"Content-Type"响应报头中。当设置为Off时,该功能禁用。当设置为On时,将添加自定义默认字符集中指定的字符集,如果没有指定,将添加默认的"iso-8859-1"字符集。

                                                                                                                                            Syntax

                                                                                                                                            从单选框选择

                                                                                                                                            diff --git a/dist/docs/zh-CN/Listeners_General_Help.html b/dist/docs/zh-CN/Listeners_General_Help.html index 2f30af75e..8b081fa59 100644 --- a/dist/docs/zh-CN/Listeners_General_Help.html +++ b/dist/docs/zh-CN/Listeners_General_Help.html @@ -17,7 +17,7 @@

                                                                                                                                            OpenLiteSpeed Web Server Users' Manual

                                                                                                                                            -

                                                                                                                                            Version 1.7  — Rev. 18

                                                                                                                                            +

                                                                                                                                            Version 1.7  — Rev. 19

                                                                                                                                              diff --git a/dist/docs/zh-CN/Listeners_SSL_Help.html b/dist/docs/zh-CN/Listeners_SSL_Help.html index 49d5595e0..c0c598fb4 100644 --- a/dist/docs/zh-CN/Listeners_SSL_Help.html +++ b/dist/docs/zh-CN/Listeners_SSL_Help.html @@ -17,7 +17,7 @@

                                                                                                                                              OpenLiteSpeed Web Server Users' Manual

                                                                                                                                              -

                                                                                                                                              Version 1.7  — Rev. 18

                                                                                                                                              +

                                                                                                                                              Version 1.7  — Rev. 19

                                                                                                                                                @@ -123,7 +123,7 @@

                                                                                                                                                侦听器SSL

                                                                                                                                                Table of Contents

                                                                                                                                                启用会话记录单

                                                                                                                                                Description

                                                                                                                                                使用OpenSSL的默认会话票证设置启用会话记录单。 服务器级别设置必须设置为“是”才能使虚拟主机设置生效。
                                                                                                                                                默认值:
                                                                                                                                                服务器级别: Yes
                                                                                                                                                虚拟主机级别: Yes

                                                                                                                                                Syntax

                                                                                                                                                从单选框选择

                                                                                                                                              启用 SPDY/HTTP2/HTTP3

                                                                                                                                              Description

                                                                                                                                              有选择地启用HTTP/3,HTTP/2和SPDY HTTP网络协议。

                                                                                                                                              如果要禁用SPDY,HTTP/2和HTTP3,请选中“无”,并取消选中所有其他框。
                                                                                                                                              Default value: All enabled

                                                                                                                                              Syntax

                                                                                                                                              从复选框中选择

                                                                                                                                              提示

                                                                                                                                              可以在侦听器和虚拟主机级别上设置此设置。

                                                                                                                                              打开HTTP3/QUIC (UDP) 端口

                                                                                                                                              Description

                                                                                                                                              允许对映射到该监听器的虚拟主机使用HTTP3/QUIC网络协议. 为了使此设置生效,还必须在服务器级别将启用HTTP3/QUIC设置为。 默认值为

                                                                                                                                              提示

                                                                                                                                              当此设置设置为时,仍可以通过Enable HTTP3/QUIC设置在虚拟主机级别禁用HTTP3/QUIC。

                                                                                                                                              -

                                                                                                                                              OCSP装订

                                                                                                                                              Description

                                                                                                                                              在线证书状态协议(OCSP)是更加有效的检查数字证书是否有效的方式。 它通过与另一台服务器(OCSP响应服务器)通信,以获取证书有效的验证,而不是通过证书吊销列表(CRL)进行检查。

                                                                                                                                              OCSP装订是对该协议的进一步改进,允许服务器以固定的时间间隔而不是每次请求证书时与OCSP响应程序进行检查。 有关更多详细信息,请参见 OCSP Wikipedia页面

                                                                                                                                              +

                                                                                                                                              OCSP装订

                                                                                                                                              Description

                                                                                                                                              在线证书状态协议(OCSP)是更加有效的检查数字证书是否有效的方式。 它通过与另一台服务器(OCSP响应服务器)通信,以获取证书有效的验证,而不是通过证书吊销列表(CRL)进行检查。

                                                                                                                                              OCSP装订是对该协议的进一步改进,允许服务器以固定的时间间隔而不是每次请求证书时与OCSP响应程序进行检查。 有关更多详细信息,请参见 OCSP Wikipedia页面

                                                                                                                                              启用 OCSP 装订

                                                                                                                                              Description

                                                                                                                                              确定是否启用OCSP装订,这是一种更有效的验证公钥证书的方式。

                                                                                                                                              Syntax

                                                                                                                                              从单选框选择

                                                                                                                                              OCSP响应最大有效时间(秒)

                                                                                                                                              Description

                                                                                                                                              此选项设置OCSP响应的最大有效时间。 如果OCSP响应早于该最大使用期限,则服务器将与OCSP响应服务器联系以获取新的响应。 默认值为86400 。 通过将此值设置为-1,可以关闭最大有效时间。

                                                                                                                                              Syntax

                                                                                                                                              Integer of seconds

                                                                                                                                              OCSP响应服务器

                                                                                                                                              Description

                                                                                                                                              指定要使用的OCSP响应服务器的URL。 如果未设置,则服务器将尝试联系OCSP响应服务器 在证书颁发机构的颁发者证书中有详细说明。 某些颁发者证书可能未指定OCSP服务器URL。

                                                                                                                                              Syntax

                                                                                                                                              URL starting with http://

                                                                                                                                              例子

                                                                                                                                              http://rapidssl-ocsp.geotrust.com
                                                                                                                                              diff --git a/dist/docs/zh-CN/Module_Context.html b/dist/docs/zh-CN/Module_Context.html index e00d90d17..83a81f4ff 100644 --- a/dist/docs/zh-CN/Module_Context.html +++ b/dist/docs/zh-CN/Module_Context.html @@ -17,7 +17,7 @@

                                                                                                                                              OpenLiteSpeed Web Server Users' Manual

                                                                                                                                              -

                                                                                                                                              Version 1.7  — Rev. 18

                                                                                                                                              +

                                                                                                                                              Version 1.7  — Rev. 19

                                                                                                                                                @@ -108,7 +108,7 @@

                                                                                                                                                Module Handler Context

                                                                                                                                                Table of Contents

                                                                                                                                                Require(授权的用户/组)

                                                                                                                                                Description

                                                                                                                                                指定哪些用户/用户组可以访问此context。 这里允许你使用一个用户/组数据库(在 中指定)访问多个context, 但只允许该数据库下特定的用户/组访问这个context。

                                                                                                                                                Syntax

                                                                                                                                                Syntax is compatible with Apache's Require directive. For example:

                                                                                                                                                • user username [username ...]
                                                                                                                                                  Only listed users can access this context.
                                                                                                                                                • group groupid [groupid ...]
                                                                                                                                                  Only users belonging to the listed groups can access this context.
                                                                                                                                                If this setting is not specified, all valid users will be allowed to access this resource.

                                                                                                                                              允许访问列表

                                                                                                                                              Description

                                                                                                                                              指定允许访问这个context下资源的IP地址或子网。综合 拒绝访问列表项的配置以及服务器/虚拟主机级别访问控制, 可访问性将以客户端IP所符合的最小范围来确定。

                                                                                                                                              Syntax

                                                                                                                                              Comma-delimited list of IPs/sub-networks.

                                                                                                                                              例子

                                                                                                                                              网络可以写成192.168.1.0/255.255.255.0, 192.168.1192.168.1.*

                                                                                                                                              拒绝访问列表

                                                                                                                                              Description

                                                                                                                                              指定哪个IP地址或子网不被允许访问这个context下的资源。 综合允许访问列表项的配置以及服务器/虚拟主机级别访问控制, 可访问性将以客户端IP所符合的最小范围来确定。

                                                                                                                                              Syntax

                                                                                                                                              Comma-delimited list of IPs/sub-networks.

                                                                                                                                              例子

                                                                                                                                              子网络可以写成192.168.1.0/255.255.255.0, 192.168.1192.168.1.*
                                                                                                                                              -

                                                                                                                                              Authorizer

                                                                                                                                              Description

                                                                                                                                              指定可用于生成授权/未授权 decisions的外部应用程序。 目前,仅FastCGI授权器可用。 有关FastCGI授权者角色的更多详细信息, 请访问http://www.fastcgi.com

                                                                                                                                              Syntax

                                                                                                                                              从列表中选择

                                                                                                                                              +

                                                                                                                                              Authorizer

                                                                                                                                              Description

                                                                                                                                              指定可用于生成授权/未授权 decisions的外部应用程序。 目前,仅FastCGI授权器可用。 有关FastCGI授权者角色的更多详细信息, 请访问https://fastcgi-archives.github.io/

                                                                                                                                              Syntax

                                                                                                                                              从列表中选择

                                                                                                                                              添加默认的字符集

                                                                                                                                              Description

                                                                                                                                              S指定当内容类型是"text/html"或"text/plain"且没有参数时,是否添加字符集标记到"Content-Type"响应报头中。当设置为Off时,该功能禁用。当设置为On时,将添加自定义默认字符集中指定的字符集,如果没有指定,将添加默认的"iso-8859-1"字符集。

                                                                                                                                              Syntax

                                                                                                                                              从单选框选择

                                                                                                                                              diff --git a/dist/docs/zh-CN/Module_Help.html b/dist/docs/zh-CN/Module_Help.html index 9741329f5..15460abbc 100644 --- a/dist/docs/zh-CN/Module_Help.html +++ b/dist/docs/zh-CN/Module_Help.html @@ -17,7 +17,7 @@

                                                                                                                                              OpenLiteSpeed Web Server Users' Manual

                                                                                                                                              -

                                                                                                                                              Version 1.7  — Rev. 18

                                                                                                                                              +

                                                                                                                                              Version 1.7  — Rev. 19

                                                                                                                                                diff --git a/dist/docs/zh-CN/Proxy_Context.html b/dist/docs/zh-CN/Proxy_Context.html index 1aa4592ba..ce465b897 100644 --- a/dist/docs/zh-CN/Proxy_Context.html +++ b/dist/docs/zh-CN/Proxy_Context.html @@ -17,7 +17,7 @@

                                                                                                                                                OpenLiteSpeed Web Server Users' Manual

                                                                                                                                                -

                                                                                                                                                Version 1.7  — Rev. 18

                                                                                                                                                +

                                                                                                                                                Version 1.7  — Rev. 19

                                                                                                                                                  @@ -108,7 +108,7 @@

                                                                                                                                                  Proxy Context

                                                                                                                                                  Table of Contents

                                                                                                                                                  Require(授权的用户/组)

                                                                                                                                                  Description

                                                                                                                                                  指定哪些用户/用户组可以访问此context。 这里允许你使用一个用户/组数据库(在 中指定)访问多个context, 但只允许该数据库下特定的用户/组访问这个context。

                                                                                                                                                  Syntax

                                                                                                                                                  Syntax is compatible with Apache's Require directive. For example:

                                                                                                                                                  • user username [username ...]
                                                                                                                                                    Only listed users can access this context.
                                                                                                                                                  • group groupid [groupid ...]
                                                                                                                                                    Only users belonging to the listed groups can access this context.
                                                                                                                                                  If this setting is not specified, all valid users will be allowed to access this resource.

                                                                                                                                                允许访问列表

                                                                                                                                                Description

                                                                                                                                                指定允许访问这个context下资源的IP地址或子网。综合 拒绝访问列表项的配置以及服务器/虚拟主机级别访问控制, 可访问性将以客户端IP所符合的最小范围来确定。

                                                                                                                                                Syntax

                                                                                                                                                Comma-delimited list of IPs/sub-networks.

                                                                                                                                                例子

                                                                                                                                                网络可以写成192.168.1.0/255.255.255.0, 192.168.1192.168.1.*

                                                                                                                                                拒绝访问列表

                                                                                                                                                Description

                                                                                                                                                指定哪个IP地址或子网不被允许访问这个context下的资源。 综合允许访问列表项的配置以及服务器/虚拟主机级别访问控制, 可访问性将以客户端IP所符合的最小范围来确定。

                                                                                                                                                Syntax

                                                                                                                                                Comma-delimited list of IPs/sub-networks.

                                                                                                                                                例子

                                                                                                                                                子网络可以写成192.168.1.0/255.255.255.0, 192.168.1192.168.1.*
                                                                                                                                                -

                                                                                                                                                Authorizer

                                                                                                                                                Description

                                                                                                                                                指定可用于生成授权/未授权 decisions的外部应用程序。 目前,仅FastCGI授权器可用。 有关FastCGI授权者角色的更多详细信息, 请访问http://www.fastcgi.com

                                                                                                                                                Syntax

                                                                                                                                                从列表中选择

                                                                                                                                                +

                                                                                                                                                Authorizer

                                                                                                                                                Description

                                                                                                                                                指定可用于生成授权/未授权 decisions的外部应用程序。 目前,仅FastCGI授权器可用。 有关FastCGI授权者角色的更多详细信息, 请访问https://fastcgi-archives.github.io/

                                                                                                                                                Syntax

                                                                                                                                                从列表中选择

                                                                                                                                                添加默认的字符集

                                                                                                                                                Description

                                                                                                                                                S指定当内容类型是"text/html"或"text/plain"且没有参数时,是否添加字符集标记到"Content-Type"响应报头中。当设置为Off时,该功能禁用。当设置为On时,将添加自定义默认字符集中指定的字符集,如果没有指定,将添加默认的"iso-8859-1"字符集。

                                                                                                                                                Syntax

                                                                                                                                                从单选框选择

                                                                                                                                                diff --git a/dist/docs/zh-CN/Redirect_Context.html b/dist/docs/zh-CN/Redirect_Context.html index 88f6fe767..8fc0f4ba3 100644 --- a/dist/docs/zh-CN/Redirect_Context.html +++ b/dist/docs/zh-CN/Redirect_Context.html @@ -17,7 +17,7 @@

                                                                                                                                                OpenLiteSpeed Web Server Users' Manual

                                                                                                                                                -

                                                                                                                                                Version 1.7  — Rev. 18

                                                                                                                                                +

                                                                                                                                                Version 1.7  — Rev. 19

                                                                                                                                                  @@ -110,7 +110,7 @@

                                                                                                                                                  Redirect Context

                                                                                                                                                  Table of Contents

                                                                                                                                                  Require(授权的用户/组)

                                                                                                                                                  Description

                                                                                                                                                  指定哪些用户/用户组可以访问此context。 这里允许你使用一个用户/组数据库(在 中指定)访问多个context, 但只允许该数据库下特定的用户/组访问这个context。

                                                                                                                                                  Syntax

                                                                                                                                                  Syntax is compatible with Apache's Require directive. For example:

                                                                                                                                                  • user username [username ...]
                                                                                                                                                    Only listed users can access this context.
                                                                                                                                                  • group groupid [groupid ...]
                                                                                                                                                    Only users belonging to the listed groups can access this context.
                                                                                                                                                  If this setting is not specified, all valid users will be allowed to access this resource.

                                                                                                                                                允许访问列表

                                                                                                                                                Description

                                                                                                                                                指定允许访问这个context下资源的IP地址或子网。综合 拒绝访问列表项的配置以及服务器/虚拟主机级别访问控制, 可访问性将以客户端IP所符合的最小范围来确定。

                                                                                                                                                Syntax

                                                                                                                                                Comma-delimited list of IPs/sub-networks.

                                                                                                                                                例子

                                                                                                                                                网络可以写成192.168.1.0/255.255.255.0, 192.168.1192.168.1.*

                                                                                                                                                拒绝访问列表

                                                                                                                                                Description

                                                                                                                                                指定哪个IP地址或子网不被允许访问这个context下的资源。 综合允许访问列表项的配置以及服务器/虚拟主机级别访问控制, 可访问性将以客户端IP所符合的最小范围来确定。

                                                                                                                                                Syntax

                                                                                                                                                Comma-delimited list of IPs/sub-networks.

                                                                                                                                                例子

                                                                                                                                                子网络可以写成192.168.1.0/255.255.255.0, 192.168.1192.168.1.*
                                                                                                                                                -

                                                                                                                                                Authorizer

                                                                                                                                                Description

                                                                                                                                                指定可用于生成授权/未授权 decisions的外部应用程序。 目前,仅FastCGI授权器可用。 有关FastCGI授权者角色的更多详细信息, 请访问http://www.fastcgi.com

                                                                                                                                                Syntax

                                                                                                                                                从列表中选择

                                                                                                                                                +

                                                                                                                                                Authorizer

                                                                                                                                                Description

                                                                                                                                                指定可用于生成授权/未授权 decisions的外部应用程序。 目前,仅FastCGI授权器可用。 有关FastCGI授权者角色的更多详细信息, 请访问https://fastcgi-archives.github.io/

                                                                                                                                                Syntax

                                                                                                                                                从列表中选择

                                                                                                                            diff --git a/dist/docs/zh-CN/Rewrite_Help.html b/dist/docs/zh-CN/Rewrite_Help.html index 47c1d55fb..b83481cd6 100644 --- a/dist/docs/zh-CN/Rewrite_Help.html +++ b/dist/docs/zh-CN/Rewrite_Help.html @@ -17,7 +17,7 @@

                                                                                                                            OpenLiteSpeed Web Server Users' Manual

                                                                                                                            -

                                                                                                                            Version 1.7  — Rev. 18

                                                                                                                            +

                                                                                                                            Version 1.7  — Rev. 19

                                                                                                                              @@ -106,8 +106,8 @@

                                                                                                                              重写帮助

                                                                                                                              Table of Contents

                                                                                                                              启用重写

                                                                                                                              Description

                                                                                                                              指定是否启用LiteSpeed的URL重写. 可以在虚拟主机或context级别上自定义此选项, 并且沿目录树继承该选项,直到被其他选项覆。

                                                                                                                              Syntax

                                                                                                                              从单选框选择

                                                                                                                              自动加载.htaccess

                                                                                                                              Description

                                                                                                                              如果使用rewritefile指令的目录的HttpContext不存在,则在初次访问该目录时自动加载.htaccess文件中包含的重写规则。 最初加载后,必须执行正常重启才能使对该.htaccess文件的修改生效。

                                                                                                                              虚拟主机级别设置将覆盖服务器级别设置。 默认值:

                                                                                                                              Server-level: No

                                                                                                                              VH-Level: Inherit Server-level setting

                                                                                                                              Syntax

                                                                                                                              从单选框选择

                                                                                                                              日志级别

                                                                                                                              Description

                                                                                                                              指定重写调试输出的详细程度。 此值的范围是0-9。 设置为0将禁用日志记录。 设置为9将产生 最详细的日志。 服务器和虚拟主机的错误日志日志级别 至少设置为INFO才能使此选项生效。 这对测试重写规则很有帮助。

                                                                                                                              Syntax

                                                                                                                              整数

                                                                                                                              See Also

                                                                                                                              Server 日志级别, Virtual Host 日志级别

                                                                                                                              -

                                                                                                                              名称

                                                                                                                              Description

                                                                                                                              Specifies a unique name for the rewrite map at the virtual host level. This name will be used by a mapping-reference in rewrite rules. When referencing this name, one of the following syntaxes should be used:

                                                                                                                              $\{MapName:LookupKey\}
                                                                                                                              $\{MapName:LookupKey|DefaultValue\}

                                                                                                                              The implementation of LiteSpeed's rewrite engine follows the specifications of Apache's rewrite engine. For more details about rewrite maps, please refer to Apache's mod_rewrite document.

                                                                                                                              Syntax

                                                                                                                              string

                                                                                                                              -

                                                                                                                              Location

                                                                                                                              Description

                                                                                                                              Specifies the location of the rewrite map using the syntax MapType:MapSource.
                                                                                                                              LiteSpeed's rewrite engine supports three types of rewrite maps:

                                                                                                                              • Standard Plain Text
                                                                                                                                MapType: txt;
                                                                                                                                MapSource: file path to a valid plain ASCII file.
                                                                                                                                Each line of this file should contain two elements separated by blank spaces. The first element is the key and the second element is the value. Comments can be added with a leading "#" sign.
                                                                                                                              • Randomized Plain Text
                                                                                                                                MapType: rnd;
                                                                                                                                MapSource: file path of a valid plain ASCII file.
                                                                                                                                File format is similar to the Standard Plain Text file, except that the second element can contain multiple choices separated by a "|" sign and chosen randomly by the rewrite engine.
                                                                                                                              • Internal Function
                                                                                                                                MapType: int;
                                                                                                                                MapSource: Internal string function
                                                                                                                                4 functions are available:
                                                                                                                                • toupper: converts lookup key to upper cases.
                                                                                                                                • tolower: converts lookup key to lower cases.
                                                                                                                                • escape: perform URL encoding on lookup key.
                                                                                                                                • unescape: perform URL decoding on lookup key.
                                                                                                                                • The following map types available in Apache have not been implemented in LiteSpeed:
                                                                                                                                Hash File and External Rewriting Program.
                                                                                                                              The implementation of LiteSpeed's rewrite engine follows the specifications of Apache's rewrite engine. For more details about rewrite map, please refer to Apache's mod_rewrite document.

                                                                                                                              Syntax

                                                                                                                              String

                                                                                                                              +

                                                                                                                              名称

                                                                                                                              Description

                                                                                                                              Specifies a unique name for the rewrite map at the virtual host level. This name will be used by a mapping-reference in rewrite rules. When referencing this name, one of the following syntaxes should be used:

                                                                                                                              $\{MapName:LookupKey\}
                                                                                                                              $\{MapName:LookupKey|DefaultValue\}

                                                                                                                              The implementation of LiteSpeed's rewrite engine follows the specifications of Apache's rewrite engine. For more details about rewrite maps, please refer to Apache's mod_rewrite document .

                                                                                                                              Syntax

                                                                                                                              string

                                                                                                                              +

                                                                                                                              Location

                                                                                                                              Description

                                                                                                                              Specifies the location of the rewrite map using the syntax MapType:MapSource.
                                                                                                                              LiteSpeed's rewrite engine supports three types of rewrite maps:

                                                                                                                              • Standard Plain Text
                                                                                                                                MapType: txt;
                                                                                                                                MapSource: file path to a valid plain ASCII file.
                                                                                                                                Each line of this file should contain two elements separated by blank spaces. The first element is the key and the second element is the value. Comments can be added with a leading "#" sign.
                                                                                                                              • Randomized Plain Text
                                                                                                                                MapType: rnd;
                                                                                                                                MapSource: file path of a valid plain ASCII file.
                                                                                                                                File format is similar to the Standard Plain Text file, except that the second element can contain multiple choices separated by a "|" sign and chosen randomly by the rewrite engine.
                                                                                                                              • Internal Function
                                                                                                                                MapType: int;
                                                                                                                                MapSource: Internal string function
                                                                                                                                4 functions are available:
                                                                                                                                • toupper: converts lookup key to upper cases.
                                                                                                                                • tolower: converts lookup key to lower cases.
                                                                                                                                • escape: perform URL encoding on lookup key.
                                                                                                                                • unescape: perform URL decoding on lookup key.
                                                                                                                                • The following map types available in Apache have not been implemented in LiteSpeed:
                                                                                                                                Hash File and External Rewriting Program.
                                                                                                                              The implementation of LiteSpeed's rewrite engine follows the specifications of Apache's rewrite engine. For more details about rewrite map, please refer to Apache's mod_rewrite document .

                                                                                                                              Syntax

                                                                                                                              String

                                                                                                                              重写规则

                                                                                                                              Description

                                                                                                                              指定虚拟主机级别的重写规则。

                                                                                                                              请勿在此处添加任何目录级重写规则。 如果您在.htaccess有任何目录级的重写规则,则应该使用uri"/"创建一个静态context, 并在那里添加重写规则。

                                                                                                                              重写规则由一个RewriteRule组成,并可可以在多个RewriteCond之后。

                                                                                                                              • 每行仅能有一条规则
                                                                                                                              • RewriteCondRewriteRule 遵循Apache的rewrite语法。 只需从Apache配置文件中复制并粘贴重写规则即可。
                                                                                                                              • LiteSpeed和Apache mod_rewrite之间有细微差别:
                                                                                                                                • %\{LA-U:variable\} and %\{LA-F:variable\} 在Litespeed 重写中将被忽略
                                                                                                                                • Litespeed中加入了两个新变量: %\{CURRENT_URI\}表示正在处理的URL %\{SCRIPT_NAME\}表示为相应的CGI环境变量。
                                                                                                                                • Litespeed在遇到[L]后为了避免循环将停止处理此及此后的重写规则 而Apache mod_rewrite将仅停止处理该条重写规则。此行为类似于apachemod_rewrite中的[END]标志。

                                                                                                                              LiteSpeed的重写规则遵循Apache的重写规范。 有关重写规则的更多详细信息,请参阅 Apache's mod_rewrite document(英文文档) Apache's URL rewriting guide(英文文档) .

                                                                                                                              Syntax

                                                                                                                              string

                                                                                                                              diff --git a/dist/docs/zh-CN/ScriptHandler_Help.html b/dist/docs/zh-CN/ScriptHandler_Help.html index 774613f35..d43b5ce13 100644 --- a/dist/docs/zh-CN/ScriptHandler_Help.html +++ b/dist/docs/zh-CN/ScriptHandler_Help.html @@ -17,7 +17,7 @@

                                                                                                                              OpenLiteSpeed Web Server Users' Manual

                                                                                                                              -

                                                                                                                              Version 1.7  — Rev. 18

                                                                                                                              +

                                                                                                                              Version 1.7  — Rev. 19

                                                                                                                                diff --git a/dist/docs/zh-CN/ServGeneral_Help.html b/dist/docs/zh-CN/ServGeneral_Help.html index 1746da6e1..39d443428 100644 --- a/dist/docs/zh-CN/ServGeneral_Help.html +++ b/dist/docs/zh-CN/ServGeneral_Help.html @@ -17,7 +17,7 @@

                                                                                                                                OpenLiteSpeed Web Server Users' Manual

                                                                                                                                -

                                                                                                                                Version 1.7  — Rev. 18

                                                                                                                                +

                                                                                                                                Version 1.7  — Rev. 19

                                                                                                                                  @@ -119,7 +119,7 @@

                                                                                                                                  Table of Contents

                                                                                                                                  运行方式

                                                                                                                                  Description

                                                                                                                                  指定服务器进程运行的用户/组。 在安装之前运行configure命令时,使用参数“--with-user”和“ --with-group”进行设置。 要重置这些值,必须重新运行configure命令并重新安装。

                                                                                                                                  应用

                                                                                                                                  Reinstall required.

                                                                                                                                  提示

                                                                                                                                  [安全] 服务器不应该以特权用户列如"root"来运行. 将服务器配置为以非特权用户/组运行非常重要 没有登入和Shell的权限 nobody用户(组)通常是个不错的选择.

                                                                                                                                优先级

                                                                                                                                Description

                                                                                                                                指定服务进程的优先级。数值范围从 -2020。数值越小,优先级越高。

                                                                                                                                Syntax

                                                                                                                                Integer number

                                                                                                                                提示

                                                                                                                                [性能] 通常,较高的优先级会导致繁忙的服务器上的Web性能稍有提高。 不要将优先级设置为高于数据库进程的优先级。

                                                                                                                                See Also

                                                                                                                                External App 优先级, CGI优先级

                                                                                                                                处理器亲和性

                                                                                                                                Description

                                                                                                                                CPU关联将进程绑定到一个或多个CPU(核心)。 始终使用同一CPU对进程来说是有益的,因为这样进程可以利用CPU缓存中剩余的数据。 如果进程移至其他CPU,则不会使用CPU缓存,并且会产生不必要的开销。

                                                                                                                                CPU Affinity设置控制一个服务器进程将与多少个CPU(核心)相关联。 最小值为0,它将禁用此功能。 最大值是服务器具有的核心数。 通常,1是最佳设置,因为它会最严格地使用CPU亲和力,从而最大程度地利用CPU缓存。

                                                                                                                                Default value: 0

                                                                                                                                Syntax

                                                                                                                                Integer value from 0 to 64. (0 will disable this feature)

                                                                                                                                应用

                                                                                                                                Reinstall required.

                                                                                                                                -

                                                                                                                                Cloud-Linux

                                                                                                                                Description

                                                                                                                                指定当CloudLinux存在时是否启用CloudLinux的轻量级虚拟 环境(LVE)。您可以搭配使用Litespeed与LVE实现更好的资源管理。 欲了解更多信息,请访问 http: //www.cloudlinux.com。

                                                                                                                                Syntax

                                                                                                                                从列表中选择

                                                                                                                                +

                                                                                                                                Cloud-Linux

                                                                                                                                Description

                                                                                                                                指定当CloudLinux存在时是否启用CloudLinux的轻量级虚拟 环境(LVE)。您可以搭配使用Litespeed与LVE实现更好的资源管理。 欲了解更多信息,请访问 http://www.cloudlinux.com

                                                                                                                                Syntax

                                                                                                                                从列表中选择

                                                                                                                                最大的读写缓冲区大小

                                                                                                                                Description

                                                                                                                                指定用于存储请求内容和相应的动态响应的最大缓冲区大小。达到此限制时, 服务器将在交换目录中创建临时交换文件。

                                                                                                                                Syntax

                                                                                                                                整数

                                                                                                                                提示

                                                                                                                                [性能] 设置足够大的缓冲区,以容纳所有并发 请求/响应,避免内存和磁盘数据交换。如果交换目录(默认为/tmp/lshttpd/swap/)存在频繁的读写活动,说明缓冲区太小,LiteSpeed正在使用交换文件。

                                                                                                                                See Also

                                                                                                                                交换目录

                                                                                                                                交换目录

                                                                                                                                Description

                                                                                                                                指定交换文件的存放目录。 服务器在chroot模式启动时,该路径相对于新的根目录, 否则,它相对于真正的根目录。

                                                                                                                                Litespeed使用自己的虚拟内存 以降低系统的内存使用量。虚拟内存和磁盘交换会用来存储大的请求内容和 动态响应。交换目录应设置在有足够剩余空间的磁盘上。

                                                                                                                                默认值: /tmp/lshttpd/swap

                                                                                                                                Syntax

                                                                                                                                绝对路径

                                                                                                                                提示

                                                                                                                                [性能建议] 将交换目录设置在一个单独的磁盘上,或者增加最大读写缓冲区大小以避免交换。

                                                                                                                                See Also

                                                                                                                                最大的读写缓冲区大小

                                                                                                                                自动修复503错误

                                                                                                                                Description

                                                                                                                                指定是否尝试通过平滑重启LiteSpeed修复“503 服务不可用”错误。“503”错误通常是由 发生故障的外部应用程序引起的,Web服务器重新启动往往可以临时修复 错误。如果启用,当30秒内出现超过30次“503”错误时,服务器将自动 重新启动。此功能是默认启用的。

                                                                                                                                Syntax

                                                                                                                                从单选框选择

                                                                                                                                diff --git a/dist/docs/zh-CN/ServLog_Help.html b/dist/docs/zh-CN/ServLog_Help.html index 3b42e07fd..388ac1f2b 100644 --- a/dist/docs/zh-CN/ServLog_Help.html +++ b/dist/docs/zh-CN/ServLog_Help.html @@ -17,7 +17,7 @@

                                                                                                                                OpenLiteSpeed Web Server Users' Manual

                                                                                                                                -

                                                                                                                                Version 1.7  — Rev. 18

                                                                                                                                +

                                                                                                                                Version 1.7  — Rev. 19

                                                                                                                                  diff --git a/dist/docs/zh-CN/ServSecurity_Help.html b/dist/docs/zh-CN/ServSecurity_Help.html index 76bded199..3855bd071 100644 --- a/dist/docs/zh-CN/ServSecurity_Help.html +++ b/dist/docs/zh-CN/ServSecurity_Help.html @@ -17,7 +17,7 @@

                                                                                                                                  OpenLiteSpeed Web Server Users' Manual

                                                                                                                                  -

                                                                                                                                  Version 1.7  — Rev. 18

                                                                                                                                  +

                                                                                                                                  Version 1.7  — Rev. 19

                                                                                                                                    @@ -153,8 +153,8 @@

                                                                                                                                    服务器安全

                                                                                                                                    Table of Contents

                                                                                                                                    Bot白名单

                                                                                                                                    Description

                                                                                                                                    自定义允许访问的用户代理列表。 将受到“好机器人”的限制,包括allowedRobotHits。

                                                                                                                                    Syntax

                                                                                                                                    用户代理列表,每行一个。 支持正则表达式。

                                                                                                                                    连接限制

                                                                                                                                    Description

                                                                                                                                    激活reCAPTCHA所需的并发连接数(SSL和非SSL)。 在并发连接数高于该数字之前,将使用reCAPTCHA。

                                                                                                                                    默认值是15000.

                                                                                                                                    Syntax

                                                                                                                                    整数

                                                                                                                                    SSL连接限制

                                                                                                                                    Description

                                                                                                                                    激活reCAPTCHA所需的并发SSL连接数。在并发连接数高于该数字之前,将使用reCAPTCHA。

                                                                                                                                    默认值是 10000.

                                                                                                                                    Syntax

                                                                                                                                    整数

                                                                                                                                    -

                                                                                                                                    Bubblewrap Container

                                                                                                                                    Description

                                                                                                                                    Set to On if you wish to start CGI processes (including PHP programs) in a bubblewrap sandbox. See https://wiki.archlinux.org/index.php/Bubblewrap for details on using bubblewrap. Bubblewrap must be installed on your system prior to using this setting.

                                                                                                                                    This setting cannot be turned on at the Virtual Host level if set to "Disabled" at the Server level.

                                                                                                                                    Default values:
                                                                                                                                    Server level: Disabled
                                                                                                                                    VH level: Inherit Server level setting

                                                                                                                                    Syntax

                                                                                                                                    从列表中选择

                                                                                                                                    -

                                                                                                                                    Bubblewrap Command

                                                                                                                                    Description

                                                                                                                                    bubblewraps使用的完整的命令, 包括bubblewrap程序本身。 有关配置此命令的更多信息,请参见: https://openlitespeed.org/kb/bubblewrap-in-openlitespeed/ . 如果未指定,将使用下面列出的默认命令。

                                                                                                                                    默认值: /bin/bwrap --ro-bind /usr /usr --ro-bind /lib /lib --ro-bind-try /lib64 /lib64 --ro-bind /bin /bin --ro-bind /sbin /sbin --dir /var --dir /tmp --proc /proc --symlink../tmp var/tmp --dev /dev --ro-bind-try /etc/localtime /etc/localtime --ro-bind-try /etc/ld.so.cache /etc/ld.so.cache --ro-bind-try /etc/resolv.conf /etc/resolv.conf --ro-bind-try /etc/ssl /etc/ssl --ro-bind-try /etc/pki /etc/pki --ro-bind-try /etc/man_db.conf /etc/man_db.conf --ro-bind-try /home/$USER /home/$USER --bind-try /var/lib/mysql/mysql.sock /var/lib/mysql/mysql.sock --bind-try /home/mysql/mysql.sock /home/mysql/mysql.sock --bind-try /tmp/mysql.sock /tmp/mysql.sock --unshare-all --share-net --die-with-parent --dir /run/user/$UID ‘$PASSWD 65534’ ‘$GROUP 65534’

                                                                                                                                    +

                                                                                                                                    Bubblewrap Container

                                                                                                                                    Description

                                                                                                                                    Set to On if you wish to start CGI processes (including PHP programs) in a bubblewrap sandbox. See https://wiki.archlinux.org/title/Bubblewrap for details on using bubblewrap. Bubblewrap must be installed on your system prior to using this setting.

                                                                                                                                    This setting cannot be turned on at the Virtual Host level if set to "Disabled" at the Server level.

                                                                                                                                    Default values:
                                                                                                                                    Server level: Disabled
                                                                                                                                    VH level: Inherit Server level setting

                                                                                                                                    Syntax

                                                                                                                                    从列表中选择

                                                                                                                                    +

                                                                                                                                    Bubblewrap Command

                                                                                                                                    Description

                                                                                                                                    bubblewraps使用的完整的命令, 包括bubblewrap程序本身。 有关配置此命令的更多信息,请参见: https://openlitespeed.org/kb/bubblewrap-in-openlitespeed/ . 如果未指定,将使用下面列出的默认命令。

                                                                                                                                    默认值: /bin/bwrap --ro-bind /usr /usr --ro-bind /lib /lib --ro-bind-try /lib64 /lib64 --ro-bind /bin /bin --ro-bind /sbin /sbin --dir /var --dir /tmp --proc /proc --symlink../tmp var/tmp --dev /dev --ro-bind-try /etc/localtime /etc/localtime --ro-bind-try /etc/ld.so.cache /etc/ld.so.cache --ro-bind-try /etc/resolv.conf /etc/resolv.conf --ro-bind-try /etc/ssl /etc/ssl --ro-bind-try /etc/pki /etc/pki --ro-bind-try /etc/man_db.conf /etc/man_db.conf --ro-bind-try /home/$USER /home/$USER --bind-try /var/lib/mysql/mysql.sock /var/lib/mysql/mysql.sock --bind-try /home/mysql/mysql.sock /home/mysql/mysql.sock --bind-try /tmp/mysql.sock /tmp/mysql.sock --unshare-all --share-net --die-with-parent --dir /run/user/$UID ‘$PASSWD 65534’ ‘$GROUP 65534’

                                                                                                                                    拒绝访问的目录

                                                                                                                                    Description

                                                                                                                                    指定应该拒绝访问的目录。 将包含敏感数据的目录加入到这个列表,以防止向客户端意外泄露敏感文件。 在路径后加一个“*”,可包含所有子目录。 如果跟随符号链接检查符号链接都被启用, 符号链接也将被检查是否在被拒绝访问目录中。

                                                                                                                                    Syntax

                                                                                                                                    Comma-delimited list of directories

                                                                                                                                    提示

                                                                                                                                    [安全建议] 至关重要: 此设置只能防止服务这些目录中的静态文件。 这不能防止外部脚本如PHP、Ruby、CGI造成的泄露。

                                                                                                                                    登入限制

                                                                                                                                    Description

                                                                                                                                    指定哪些子网络和/或IP地址可以访问该服务器。 这是影响所有的虚拟主机的服务器级别设置。您还可以为每个虚拟主机设置登入限制。虚拟主机的设置不会覆盖服务器设置。

                                                                                                                                    是否阻止/允许一个IP是由允许列表与阻止列表共同决定。 如果你想阻止某个特定IP或子网,请在允许列表中写入*ALL,并在拒绝列表中写入需要阻止的IP或子网。 如果你想允许某个特定的IP或子网,请在拒绝列表中写入*ALL,并在允许列表中写入需要允许的IP或子网。 单个IP地址是被允许访问还是禁止访问取决于该IP符合的最小限制范围。

                                                                                                                                    信任的IP或子网络可以在允许列表列表中添加后缀“T”来指定。受信任的IP或子网不受连接数/流量限制。 只有服务器级别的登入限制才可以设置受信任的IP或子网。

                                                                                                                                    提示

                                                                                                                                    [安全建议] 用此项设置适用于所有虚拟主机的常规限制。

                                                                                                                                    允许列表

                                                                                                                                    Description

                                                                                                                                    指定允许的IP地址或子网的列表。 可以使用{VAL}*或{VAL}ALL。

                                                                                                                                    Syntax

                                                                                                                                    逗号分隔的IP地址或子网列表。 结尾加上“T”可以用来表示一个受信任的IP或子网,如{VAL}192.168.1.*T。

                                                                                                                                    例子

                                                                                                                                    子网: 192.168.1.0/255.255.255.0, 192.168.1.0/24, 192.168.1192.168.1.*.
                                                                                                                                    IPv6 地址: ::1[::1]
                                                                                                                                    IPv6 子网: 3ffe:302:11:2:20f:1fff:fe29:717c/64[3ffe:302:11:2:20f:1fff:fe29:717c]/64.

                                                                                                                                    提示

                                                                                                                                    [安全建议] 在服务器级别设置的受信任的IP或子网不受连接/节流限制。

                                                                                                                                    diff --git a/dist/docs/zh-CN/ServTuning_Help.html b/dist/docs/zh-CN/ServTuning_Help.html index 157096c39..b1cdebc6f 100644 --- a/dist/docs/zh-CN/ServTuning_Help.html +++ b/dist/docs/zh-CN/ServTuning_Help.html @@ -17,7 +17,7 @@

                                                                                                                                    OpenLiteSpeed Web Server Users' Manual

                                                                                                                                    -

                                                                                                                                    Version 1.7  — Rev. 18

                                                                                                                                    +

                                                                                                                                    Version 1.7  — Rev. 19

                                                                                                                                      @@ -161,7 +161,7 @@

                                                                                                                                      服务器调节

                                                                                                                                      Table of Contents

                                                                                                                                      每个连接的最大并发数

                                                                                                                                      Description

                                                                                                                                      每个QUIC连接的最大并发数。 默认值为100

                                                                                                                                      Syntax

                                                                                                                                      Integer number between 10 and 1000

                                                                                                                                      握手超时时间

                                                                                                                                      Description

                                                                                                                                      给出新的QUIC连接完成其握手的时间(以秒为单位),超过限制时间后连接将中止。 默认值为10

                                                                                                                                      Syntax

                                                                                                                                      Integer number between 1 and 15

                                                                                                                                      空闲超时时间(秒)

                                                                                                                                      Description

                                                                                                                                      空闲的QUIC连接将被关闭的时间(以秒为单位)。 默认值为 30

                                                                                                                                      Syntax

                                                                                                                                      Integer number between 10 and 30

                                                                                                                                      -

                                                                                                                                      启用 DPLPMTUD

                                                                                                                                      Description

                                                                                                                                      启用 Datagram Packetization Layer Path Maximum Transmission Unit Discovery (DPLPMTUD).

                                                                                                                                      Background on DPLPMTUD (RFC 8899)

                                                                                                                                      Default value: Yes

                                                                                                                                      Syntax

                                                                                                                                      从单选框选择

                                                                                                                                      +

                                                                                                                                      启用 DPLPMTUD

                                                                                                                                      Description

                                                                                                                                      启用 Datagram Packetization Layer Path Maximum Transmission Unit Discovery (DPLPMTUD).

                                                                                                                                      Background on DPLPMTUD (RFC 8899)

                                                                                                                                      Default value: Yes

                                                                                                                                      Syntax

                                                                                                                                      从单选框选择

                                                                                                                                      PLPMTU 默认值

                                                                                                                                      Description

                                                                                                                                      QUIC默认使用的PLPMTU (无报头的最大数据包大小,以字节为单位)的默认值. 设置为0将会允许QUIC设置大小.

                                                                                                                                      这个设置必须低于 PLPMTU的最大值 的值.

                                                                                                                                      Default value: 0

                                                                                                                                      Syntax

                                                                                                                                      0或1200至65527之间的整数

                                                                                                                                      PLPMTU的最大值

                                                                                                                                      Description

                                                                                                                                      PLPMTU(无报头的最大数据包,以字节为单位)的上限. 此设置用于限制 在DPLPMTUD search space中"最大数据包大小". 设置为0将会允许QUIC设置大小. (默认情况下LSQUIC暂定MTU为1,500 字节 (以太网)).

                                                                                                                                      这个设置应该比PLPMTU 默认值的值高.
                                                                                                                                      Default value: 0

                                                                                                                                      Syntax

                                                                                                                                      0或1200至65527之间的整数

                                                                                                                                      diff --git a/dist/docs/zh-CN/ServerStat_Help.html b/dist/docs/zh-CN/ServerStat_Help.html index db537a18c..3ddd20cfd 100644 --- a/dist/docs/zh-CN/ServerStat_Help.html +++ b/dist/docs/zh-CN/ServerStat_Help.html @@ -17,7 +17,7 @@

                                                                                                                                      OpenLiteSpeed Web Server Users' Manual

                                                                                                                                      -

                                                                                                                                      Version 1.7  — Rev. 18

                                                                                                                                      +

                                                                                                                                      Version 1.7  — Rev. 19

                                                                                                                                        diff --git a/dist/docs/zh-CN/Servlet_Context.html b/dist/docs/zh-CN/Servlet_Context.html index 764831cbd..c9d82591e 100644 --- a/dist/docs/zh-CN/Servlet_Context.html +++ b/dist/docs/zh-CN/Servlet_Context.html @@ -17,7 +17,7 @@

                                                                                                                                        OpenLiteSpeed Web Server Users' Manual

                                                                                                                                        -

                                                                                                                                        Version 1.7  — Rev. 18

                                                                                                                                        +

                                                                                                                                        Version 1.7  — Rev. 19

                                                                                                                                          @@ -108,7 +108,7 @@

                                                                                                                                          Servlet Context

                                                                                                                                          Table of Contents

                                                                                                                                          Require(授权的用户/组)

                                                                                                                                          Description

                                                                                                                                          指定哪些用户/用户组可以访问此context。 这里允许你使用一个用户/组数据库(在 中指定)访问多个context, 但只允许该数据库下特定的用户/组访问这个context。

                                                                                                                                          Syntax

                                                                                                                                          Syntax is compatible with Apache's Require directive. For example:

                                                                                                                                          • user username [username ...]
                                                                                                                                            Only listed users can access this context.
                                                                                                                                          • group groupid [groupid ...]
                                                                                                                                            Only users belonging to the listed groups can access this context.
                                                                                                                                          If this setting is not specified, all valid users will be allowed to access this resource.

                                                                                                                                          允许访问列表

                                                                                                                                          Description

                                                                                                                                          指定允许访问这个context下资源的IP地址或子网。综合 拒绝访问列表项的配置以及服务器/虚拟主机级别访问控制, 可访问性将以客户端IP所符合的最小范围来确定。

                                                                                                                                          Syntax

                                                                                                                                          Comma-delimited list of IPs/sub-networks.

                                                                                                                                          例子

                                                                                                                                          网络可以写成192.168.1.0/255.255.255.0, 192.168.1192.168.1.*

                                                                                                                                          拒绝访问列表

                                                                                                                                          Description

                                                                                                                                          指定哪个IP地址或子网不被允许访问这个context下的资源。 综合允许访问列表项的配置以及服务器/虚拟主机级别访问控制, 可访问性将以客户端IP所符合的最小范围来确定。

                                                                                                                                          Syntax

                                                                                                                                          Comma-delimited list of IPs/sub-networks.

                                                                                                                                          例子

                                                                                                                                          子网络可以写成192.168.1.0/255.255.255.0, 192.168.1192.168.1.*
                                                                                                                                          -

                                                                                                                                          Authorizer

                                                                                                                                          Description

                                                                                                                                          指定可用于生成授权/未授权 decisions的外部应用程序。 目前,仅FastCGI授权器可用。 有关FastCGI授权者角色的更多详细信息, 请访问http://www.fastcgi.com

                                                                                                                                          Syntax

                                                                                                                                          从列表中选择

                                                                                                                                          +

                                                                                                                                          Authorizer

                                                                                                                                          Description

                                                                                                                                          指定可用于生成授权/未授权 decisions的外部应用程序。 目前,仅FastCGI授权器可用。 有关FastCGI授权者角色的更多详细信息, 请访问https://fastcgi-archives.github.io/

                                                                                                                                          Syntax

                                                                                                                                          从列表中选择

                                                                                                                                          添加默认的字符集

                                                                                                                                          Description

                                                                                                                                          S指定当内容类型是"text/html"或"text/plain"且没有参数时,是否添加字符集标记到"Content-Type"响应报头中。当设置为Off时,该功能禁用。当设置为On时,将添加自定义默认字符集中指定的字符集,如果没有指定,将添加默认的"iso-8859-1"字符集。

                                                                                                                                          Syntax

                                                                                                                                          从单选框选择

                                                                                                                                          diff --git a/dist/docs/zh-CN/Static_Context.html b/dist/docs/zh-CN/Static_Context.html index f9eb526bb..c777c542f 100644 --- a/dist/docs/zh-CN/Static_Context.html +++ b/dist/docs/zh-CN/Static_Context.html @@ -17,7 +17,7 @@

                                                                                                                                          OpenLiteSpeed Web Server Users' Manual

                                                                                                                                          -

                                                                                                                                          Version 1.7  — Rev. 18

                                                                                                                                          +

                                                                                                                                          Version 1.7  — Rev. 19

                                                                                                                                            @@ -117,7 +117,7 @@

                                                                                                                                            Static Context

                                                                                                                                            Table of Contents

                                                                                                                                            <

                                                                                                                                            Require(授权的用户/组)

                                                                                                                                            Description

                                                                                                                                            指定哪些用户/用户组可以访问此context。 这里允许你使用一个用户/组数据库(在 中指定)访问多个context, 但只允许该数据库下特定的用户/组访问这个context。

                                                                                                                                            Syntax

                                                                                                                                            Syntax is compatible with Apache's Require directive. For example:

                                                                                                                                            • user username [username ...]
                                                                                                                                              Only listed users can access this context.
                                                                                                                                            • group groupid [groupid ...]
                                                                                                                                              Only users belonging to the listed groups can access this context.
                                                                                                                                            If this setting is not specified, all valid users will be allowed to access this resource.

                                                                                                                                            允许访问列表

                                                                                                                                            Description

                                                                                                                                            指定允许访问这个context下资源的IP地址或子网。综合 拒绝访问列表项的配置以及服务器/虚拟主机级别访问控制, 可访问性将以客户端IP所符合的最小范围来确定。

                                                                                                                                            Syntax

                                                                                                                                            Comma-delimited list of IPs/sub-networks.

                                                                                                                                            例子

                                                                                                                                            网络可以写成192.168.1.0/255.255.255.0, 192.168.1192.168.1.*

                                                                                                                                            拒绝访问列表

                                                                                                                                            Description

                                                                                                                                            指定哪个IP地址或子网不被允许访问这个context下的资源。 综合允许访问列表项的配置以及服务器/虚拟主机级别访问控制, 可访问性将以客户端IP所符合的最小范围来确定。

                                                                                                                                            Syntax

                                                                                                                                            Comma-delimited list of IPs/sub-networks.

                                                                                                                                            例子

                                                                                                                                            子网络可以写成192.168.1.0/255.255.255.0, 192.168.1192.168.1.*
                                                                                                                                            -

                                                                                                                                            Authorizer

                                                                                                                                            Description

                                                                                                                                            指定可用于生成授权/未授权 decisions的外部应用程序。 目前,仅FastCGI授权器可用。 有关FastCGI授权者角色的更多详细信息, 请访问http://www.fastcgi.com

                                                                                                                                            Syntax

                                                                                                                                            从列表中选择

                                                                                                                                            +

                                                                                                                                            Authorizer

                                                                                                                                            Description

                                                                                                                                            指定可用于生成授权/未授权 decisions的外部应用程序。 目前,仅FastCGI授权器可用。 有关FastCGI授权者角色的更多详细信息, 请访问https://fastcgi-archives.github.io/

                                                                                                                                            Syntax

                                                                                                                                            从列表中选择

                                                                                                                                            添加默认的字符集

                                                                                                                                            Description

                                                                                                                                            S指定当内容类型是"text/html"或"text/plain"且没有参数时,是否添加字符集标记到"Content-Type"响应报头中。当设置为Off时,该功能禁用。当设置为On时,将添加自定义默认字符集中指定的字符集,如果没有指定,将添加默认的"iso-8859-1"字符集。

                                                                                                                                            Syntax

                                                                                                                                            从单选框选择

                                                                                                                                            启用重写

                                                                                                                                            Description

                                                                                                                                            指定是否启用LiteSpeed的URL重写. 可以在虚拟主机或context级别上自定义此选项, 并且沿目录树继承该选项,直到被其他选项覆。

                                                                                                                                            Syntax

                                                                                                                                            从单选框选择

                                                                                                                                            diff --git a/dist/docs/zh-CN/Templates_Help.html b/dist/docs/zh-CN/Templates_Help.html index 7a8e15f0a..25b6a7ea7 100644 --- a/dist/docs/zh-CN/Templates_Help.html +++ b/dist/docs/zh-CN/Templates_Help.html @@ -17,7 +17,7 @@

                                                                                                                                            OpenLiteSpeed Web Server Users' Manual

                                                                                                                                            -

                                                                                                                                            Version 1.7  — Rev. 18

                                                                                                                                            +

                                                                                                                                            Version 1.7  — Rev. 19

                                                                                                                                              diff --git a/dist/docs/zh-CN/VHGeneral_Help.html b/dist/docs/zh-CN/VHGeneral_Help.html index b9af937f3..524972632 100644 --- a/dist/docs/zh-CN/VHGeneral_Help.html +++ b/dist/docs/zh-CN/VHGeneral_Help.html @@ -17,7 +17,7 @@

                                                                                                                                              OpenLiteSpeed Web Server Users' Manual

                                                                                                                                              -

                                                                                                                                              Version 1.7  — Rev. 18

                                                                                                                                              +

                                                                                                                                              Version 1.7  — Rev. 19

                                                                                                                                                diff --git a/dist/docs/zh-CN/VHSSL_Help.html b/dist/docs/zh-CN/VHSSL_Help.html index a9555f17c..ecf78fbd6 100644 --- a/dist/docs/zh-CN/VHSSL_Help.html +++ b/dist/docs/zh-CN/VHSSL_Help.html @@ -17,7 +17,7 @@

                                                                                                                                                OpenLiteSpeed Web Server Users' Manual

                                                                                                                                                -

                                                                                                                                                Version 1.7  — Rev. 18

                                                                                                                                                +

                                                                                                                                                Version 1.7  — Rev. 19

                                                                                                                                                  @@ -123,7 +123,7 @@

                                                                                                                                                  虚拟主机SSL

                                                                                                                                                  Table of Contents

                                                                                                                                                  启用会话记录单

                                                                                                                                                  Description

                                                                                                                                                  使用OpenSSL的默认会话票证设置启用会话记录单。 服务器级别设置必须设置为“是”才能使虚拟主机设置生效。
                                                                                                                                                  默认值:
                                                                                                                                                  服务器级别: Yes
                                                                                                                                                  虚拟主机级别: Yes

                                                                                                                                                  Syntax

                                                                                                                                                  从单选框选择

                                                                                                                                                  启用 SPDY/HTTP2/HTTP3

                                                                                                                                                  Description

                                                                                                                                                  有选择地启用HTTP/3,HTTP/2和SPDY HTTP网络协议。

                                                                                                                                                  如果要禁用SPDY,HTTP/2和HTTP3,请选中“无”,并取消选中所有其他框。
                                                                                                                                                  Default value: All enabled

                                                                                                                                                  Syntax

                                                                                                                                                  从复选框中选择

                                                                                                                                                  提示

                                                                                                                                                  可以在侦听器和虚拟主机级别上设置此设置。

                                                                                                                                                  Enable HTTP3/QUIC

                                                                                                                                                  Description

                                                                                                                                                  Enables the HTTP3/QUIC network protocol for this virtual host. For this setting to take effect, both 启用HTTP3/QUIC and 打开HTTP3/QUIC (UDP) 端口 must also be set to Yes at the server and listener levels respectively. Default value is Yes.

                                                                                                                                                  Syntax

                                                                                                                                                  从单选框选择

                                                                                                                                                  提示

                                                                                                                                                  When this setting is set to No, the HTTP3/QUIC advertisement will no longer be sent. If a browser still contains cached HTTP3/QUIC information and HTTP3/QUIC is still enabled at the server and listener levels, an HTTP3/QUIC connection will continue to be used until this information is no longer cached or an HTTP3/QUIC protocol error is encountered.

                                                                                                                                                  -

                                                                                                                                                  OCSP装订

                                                                                                                                                  Description

                                                                                                                                                  在线证书状态协议(OCSP)是更加有效的检查数字证书是否有效的方式。 它通过与另一台服务器(OCSP响应服务器)通信,以获取证书有效的验证,而不是通过证书吊销列表(CRL)进行检查。

                                                                                                                                                  OCSP装订是对该协议的进一步改进,允许服务器以固定的时间间隔而不是每次请求证书时与OCSP响应程序进行检查。 有关更多详细信息,请参见 OCSP Wikipedia页面

                                                                                                                                                  +

                                                                                                                                                  OCSP装订

                                                                                                                                                  Description

                                                                                                                                                  在线证书状态协议(OCSP)是更加有效的检查数字证书是否有效的方式。 它通过与另一台服务器(OCSP响应服务器)通信,以获取证书有效的验证,而不是通过证书吊销列表(CRL)进行检查。

                                                                                                                                                  OCSP装订是对该协议的进一步改进,允许服务器以固定的时间间隔而不是每次请求证书时与OCSP响应程序进行检查。 有关更多详细信息,请参见 OCSP Wikipedia页面

                                                                                                                                                  启用 OCSP 装订

                                                                                                                                                  Description

                                                                                                                                                  确定是否启用OCSP装订,这是一种更有效的验证公钥证书的方式。

                                                                                                                                                  Syntax

                                                                                                                                                  从单选框选择

                                                                                                                                                  OCSP响应最大有效时间(秒)

                                                                                                                                                  Description

                                                                                                                                                  此选项设置OCSP响应的最大有效时间。 如果OCSP响应早于该最大使用期限,则服务器将与OCSP响应服务器联系以获取新的响应。 默认值为86400 。 通过将此值设置为-1,可以关闭最大有效时间。

                                                                                                                                                  Syntax

                                                                                                                                                  Integer of seconds

                                                                                                                                                  OCSP响应服务器

                                                                                                                                                  Description

                                                                                                                                                  指定要使用的OCSP响应服务器的URL。 如果未设置,则服务器将尝试联系OCSP响应服务器 在证书颁发机构的颁发者证书中有详细说明。 某些颁发者证书可能未指定OCSP服务器URL。

                                                                                                                                                  Syntax

                                                                                                                                                  URL starting with http://

                                                                                                                                                  例子

                                                                                                                                                  http://rapidssl-ocsp.geotrust.com
                                                                                                                                                  diff --git a/dist/docs/zh-CN/VHSecurity_Help.html b/dist/docs/zh-CN/VHSecurity_Help.html index b4cca845c..b6095951a 100644 --- a/dist/docs/zh-CN/VHSecurity_Help.html +++ b/dist/docs/zh-CN/VHSecurity_Help.html @@ -17,7 +17,7 @@

                                                                                                                                                  OpenLiteSpeed Web Server Users' Manual

                                                                                                                                                  -

                                                                                                                                                  Version 1.7  — Rev. 18

                                                                                                                                                  +

                                                                                                                                                  Version 1.7  — Rev. 19

                                                                                                                                                    @@ -112,7 +112,7 @@

                                                                                                                                                    虚拟主机安全

                                                                                                                                                    Table of Contents

                                                                                                                                                    reCAPTCHA类型

                                                                                                                                                    Description

                                                                                                                                                    指定要与密钥对一起使用的reCAPTCHA类型。 如果未提供密钥对,并且此设置设置为 未设置,将使用隐形类型的默认密钥对。
                                                                                                                                                    复选框将显示一个复选框reCAPTCHA,以供访问者验证。
                                                                                                                                                    隐形将尝试自动验证reCAPTCHA,如果成功,将重定向到所需的页面。

                                                                                                                                                    默认值为隐形

                                                                                                                                                    Syntax

                                                                                                                                                    从列表中选择

                                                                                                                                                  最大尝试次数

                                                                                                                                                  Description

                                                                                                                                                  “最大尝试次数”指定在拒绝访客之前允许的最大reCAPTCHA次尝试次数。
                                                                                                                                                  默认值是 3.

                                                                                                                                                  Syntax

                                                                                                                                                  整数

                                                                                                                                                  并发请求限制

                                                                                                                                                  Description

                                                                                                                                                  激活reCAPTCHA所需的并发请求数。 当并发请求数超过该值时将启用reCAPTCHA, 默认值为15000.

                                                                                                                                                  Syntax

                                                                                                                                                  整数

                                                                                                                                                  -

                                                                                                                                                  Bubblewrap Container

                                                                                                                                                  Description

                                                                                                                                                  Set to On if you wish to start CGI processes (including PHP programs) in a bubblewrap sandbox. See https://wiki.archlinux.org/index.php/Bubblewrap for details on using bubblewrap. Bubblewrap must be installed on your system prior to using this setting.

                                                                                                                                                  This setting cannot be turned on at the Virtual Host level if set to "Disabled" at the Server level.

                                                                                                                                                  Default values:
                                                                                                                                                  Server level: Disabled
                                                                                                                                                  VH level: Inherit Server level setting

                                                                                                                                                  Syntax

                                                                                                                                                  从列表中选择

                                                                                                                                                  +

                                                                                                                                                  Bubblewrap Container

                                                                                                                                                  Description

                                                                                                                                                  Set to On if you wish to start CGI processes (including PHP programs) in a bubblewrap sandbox. See https://wiki.archlinux.org/title/Bubblewrap for details on using bubblewrap. Bubblewrap must be installed on your system prior to using this setting.

                                                                                                                                                  This setting cannot be turned on at the Virtual Host level if set to "Disabled" at the Server level.

                                                                                                                                                  Default values:
                                                                                                                                                  Server level: Disabled
                                                                                                                                                  VH level: Inherit Server level setting

                                                                                                                                                  Syntax

                                                                                                                                                  从列表中选择

                                                                                                                                                  登入限制

                                                                                                                                                  Description

                                                                                                                                                  指定哪些子网络和/或IP地址可以访问该服务器。 这是影响所有的虚拟主机的服务器级别设置。您还可以为每个虚拟主机设置登入限制。虚拟主机的设置不会覆盖服务器设置。

                                                                                                                                                  是否阻止/允许一个IP是由允许列表与阻止列表共同决定。 如果你想阻止某个特定IP或子网,请在允许列表中写入*ALL,并在拒绝列表中写入需要阻止的IP或子网。 如果你想允许某个特定的IP或子网,请在拒绝列表中写入*ALL,并在允许列表中写入需要允许的IP或子网。 单个IP地址是被允许访问还是禁止访问取决于该IP符合的最小限制范围。

                                                                                                                                                  信任的IP或子网络可以在允许列表列表中添加后缀“T”来指定。受信任的IP或子网不受连接数/流量限制。 只有服务器级别的登入限制才可以设置受信任的IP或子网。

                                                                                                                                                  提示

                                                                                                                                                  [安全建议] 用此项设置适用于所有虚拟主机的常规限制。

                                                                                                                                                  允许列表

                                                                                                                                                  Description

                                                                                                                                                  指定允许的IP地址或子网的列表。 可以使用{VAL}*或{VAL}ALL。

                                                                                                                                                  Syntax

                                                                                                                                                  逗号分隔的IP地址或子网列表。 结尾加上“T”可以用来表示一个受信任的IP或子网,如{VAL}192.168.1.*T。

                                                                                                                                                  例子

                                                                                                                                                  子网: 192.168.1.0/255.255.255.0, 192.168.1.0/24, 192.168.1192.168.1.*.
                                                                                                                                                  IPv6 地址: ::1[::1]
                                                                                                                                                  IPv6 子网: 3ffe:302:11:2:20f:1fff:fe29:717c/64[3ffe:302:11:2:20f:1fff:fe29:717c]/64.

                                                                                                                                                  提示

                                                                                                                                                  [安全建议] 在服务器级别设置的受信任的IP或子网不受连接/节流限制。

                                                                                                                                                  拒绝列表

                                                                                                                                                  Description

                                                                                                                                                  指定不允许的IP地址或子网的列表。

                                                                                                                                                  Syntax

                                                                                                                                                  逗号分隔的IP地址或子网列表。 可以使用{VAL}*或{VAL}ALL。

                                                                                                                                                  例子

                                                                                                                                                  子网: 192.168.1.0/255.255.255.0, 192.168.1.0/24, 192.168.1192.168.1.*.
                                                                                                                                                  IPv6 地址: ::1[::1]
                                                                                                                                                  IPv6 子网: 3ffe:302:11:2:20f:1fff:fe29:717c/64[3ffe:302:11:2:20f:1fff:fe29:717c]/64.
                                                                                                                                                  diff --git a/dist/docs/zh-CN/VHWebSocket_Help.html b/dist/docs/zh-CN/VHWebSocket_Help.html index 3f1d91539..da74440bf 100644 --- a/dist/docs/zh-CN/VHWebSocket_Help.html +++ b/dist/docs/zh-CN/VHWebSocket_Help.html @@ -17,7 +17,7 @@

                                                                                                                                                  OpenLiteSpeed Web Server Users' Manual

                                                                                                                                                  -

                                                                                                                                                  Version 1.7  — Rev. 18

                                                                                                                                                  +

                                                                                                                                                  Version 1.7  — Rev. 19

                                                                                                                                                    diff --git a/dist/docs/zh-CN/VirtualHosts_Help.html b/dist/docs/zh-CN/VirtualHosts_Help.html index 0ceab77d8..a89447dd1 100644 --- a/dist/docs/zh-CN/VirtualHosts_Help.html +++ b/dist/docs/zh-CN/VirtualHosts_Help.html @@ -17,7 +17,7 @@

                                                                                                                                                    OpenLiteSpeed Web Server Users' Manual

                                                                                                                                                    -

                                                                                                                                                    Version 1.7  — Rev. 18

                                                                                                                                                    +

                                                                                                                                                    Version 1.7  — Rev. 19

                                                                                                                                                      diff --git a/dist/docs/zh-CN/admin.html b/dist/docs/zh-CN/admin.html index 7e9c6a7df..174baeae3 100644 --- a/dist/docs/zh-CN/admin.html +++ b/dist/docs/zh-CN/admin.html @@ -17,7 +17,7 @@

                                                                                                                                                      OpenLiteSpeed Web Server Users' Manual

                                                                                                                                                      -

                                                                                                                                                      Version 1.7  — Rev. 18

                                                                                                                                                      +

                                                                                                                                                      Version 1.7  — Rev. 19

                                                                                                                                                        diff --git a/dist/docs/zh-CN/config.html b/dist/docs/zh-CN/config.html index 6c4ddf361..b5f48393e 100644 --- a/dist/docs/zh-CN/config.html +++ b/dist/docs/zh-CN/config.html @@ -17,7 +17,7 @@

                                                                                                                                                        OpenLiteSpeed Web Server Users' Manual

                                                                                                                                                        -

                                                                                                                                                        Version 1.7  — Rev. 18

                                                                                                                                                        +

                                                                                                                                                        Version 1.7  — Rev. 19

                                                                                                                                                          diff --git a/dist/docs/zh-CN/index.html b/dist/docs/zh-CN/index.html index 3da215689..65ec33a3d 100644 --- a/dist/docs/zh-CN/index.html +++ b/dist/docs/zh-CN/index.html @@ -17,7 +17,7 @@

                                                                                                                                                          OpenLiteSpeed Web Server Users' Manual

                                                                                                                                                          -

                                                                                                                                                          Version 1.7  — Rev. 18

                                                                                                                                                          +

                                                                                                                                                          Version 1.7  — Rev. 19

                                                                                                                                                            @@ -102,7 +102,7 @@



                                                                                                                                                            Users' Manual

                                                                                                                                                            - — Rev. 18 + — Rev. 19

                                                                                                                                                            diff --git a/dist/docs/zh-CN/install.html b/dist/docs/zh-CN/install.html index 6b3525731..1af883882 100644 --- a/dist/docs/zh-CN/install.html +++ b/dist/docs/zh-CN/install.html @@ -17,7 +17,7 @@

                                                                                                                                                            OpenLiteSpeed Web Server Users' Manual

                                                                                                                                                            -

                                                                                                                                                            Version 1.7  — Rev. 18

                                                                                                                                                            +

                                                                                                                                                            Version 1.7  — Rev. 19

                                                                                                                                                              diff --git a/dist/docs/zh-CN/intro.html b/dist/docs/zh-CN/intro.html index 10a32b61e..359f0c7c0 100644 --- a/dist/docs/zh-CN/intro.html +++ b/dist/docs/zh-CN/intro.html @@ -17,7 +17,7 @@

                                                                                                                                                              OpenLiteSpeed Web Server Users' Manual

                                                                                                                                                              -

                                                                                                                                                              Version 1.7  — Rev. 18

                                                                                                                                                              +

                                                                                                                                                              Version 1.7  — Rev. 19

                                                                                                                                                                diff --git a/dist/docs/zh-CN/license.html b/dist/docs/zh-CN/license.html index 27586702c..e863f073c 100644 --- a/dist/docs/zh-CN/license.html +++ b/dist/docs/zh-CN/license.html @@ -17,7 +17,7 @@

                                                                                                                                                                OpenLiteSpeed Web Server Users' Manual

                                                                                                                                                                -

                                                                                                                                                                Version 1.7  — Rev. 18

                                                                                                                                                                +

                                                                                                                                                                Version 1.7  — Rev. 19

                                                                                                                                                                  diff --git a/dist/docs/zh-CN/security.html b/dist/docs/zh-CN/security.html index 8f044c224..d94c0cfe5 100644 --- a/dist/docs/zh-CN/security.html +++ b/dist/docs/zh-CN/security.html @@ -17,7 +17,7 @@

                                                                                                                                                                  OpenLiteSpeed Web Server Users' Manual

                                                                                                                                                                  -

                                                                                                                                                                  Version 1.7  — Rev. 18

                                                                                                                                                                  +

                                                                                                                                                                  Version 1.7  — Rev. 19

                                                                                                                                                                    diff --git a/dist/docs/zh-CN/webconsole.html b/dist/docs/zh-CN/webconsole.html index fac9e77df..e3728f355 100644 --- a/dist/docs/zh-CN/webconsole.html +++ b/dist/docs/zh-CN/webconsole.html @@ -17,7 +17,7 @@

                                                                                                                                                                    OpenLiteSpeed Web Server Users' Manual

                                                                                                                                                                    -

                                                                                                                                                                    Version 1.7  — Rev. 18

                                                                                                                                                                    +

                                                                                                                                                                    Version 1.7  — Rev. 19

                                                                                                                                                                      diff --git a/dist/install.sh b/dist/install.sh index e95e952be..fb290ee6f 100755 --- a/dist/install.sh +++ b/dist/install.sh @@ -3,7 +3,7 @@ OSNAMEVER=UNKNOWN OSNAME= OSVER= -OSTYPE=`getconf LONG_BIT` +ARCH=`arch` MARIADBCPUARCH= DLCMD= LSPHPVER=74 @@ -11,7 +11,6 @@ MYIP= testMyIP() { - detectdlcmd $DLCMD $LSWS_HOME/myip http://cyberpanel.sh/?ip MYIP=`cat $LSWS_HOME/myip` rm $LSWS_HOME/myip @@ -19,9 +18,7 @@ testMyIP() inst_admin_php() { - # detect download method OS=`uname -s` - detectdlcmd HASADMINPHP=n if [ -f "$LSWS_HOME/admin/fcgi-bin/admin_php" ] ; then @@ -35,10 +32,12 @@ inst_admin_php() fi if [ "x$OS" = "xLinux" ] ; then - if [ "x$OSTYPE" != "x64" ] ; then - $DLCMD $LSWS_HOME/admin/fcgi-bin/admin_php http://www.litespeedtech.com/packages/lsphp5_bin/i386/lsphp5 - else + if [ "x$ARCH" = "xx86_64" ] ; then $DLCMD $LSWS_HOME/admin/fcgi-bin/admin_php http://www.litespeedtech.com/packages/lsphp5_bin/x86_64/lsphp5 + elif [ "x$ARCH" = "xaarch64" ] ; then + $DLCMD $LSWS_HOME/admin/fcgi-bin/admin_php http://www.litespeedtech.com/packages/lsphp7_bin/aarch64/lsphp + else + $DLCMD $LSWS_HOME/admin/fcgi-bin/admin_php http://www.litespeedtech.com/packages/lsphp5_bin/i386/lsphp5 fi if [ $? = 0 ] ; then @@ -51,7 +50,7 @@ inst_admin_php() # fi elif [ "x$OS" = "xFreeBSD" ] ; then - if [ "x$OSTYPE" != "x64" ] ; then + if [ "x$ARCH" != "xamd64" ] ; then $DLCMD $LSWS_HOME/admin/fcgi-bin/admin_php http://www.litespeedtech.com/packages/lsphp5_bin/i386-freebsd/lsphp5 else $DLCMD $LSWS_HOME/admin/fcgi-bin/admin_php http://www.litespeedtech.com/packages/lsphp5_bin/x86_64-freebsd/lsphp5 @@ -84,7 +83,7 @@ install_lsphp7_centos() ND=nd yum -y $action epel-release - rpm -Uvh http://rpms.litespeedtech.com/centos/litespeed-repo-1.1-1.el$OSVER.noarch.rpm + rpm -Uvh http://rpms.litespeedtech.com/centos/litespeed-repo-1.3-1.el$OSVER.noarch.rpm yum -y $action lsphp$LSPHPVER lsphp$LSPHPVER-common lsphp$LSPHPVER-gd lsphp$LSPHPVER-process lsphp$LSPHPVER-mbstring lsphp$LSPHPVER-mysql$ND lsphp$LSPHPVER-xml lsphp$LSPHPVER-mcrypt lsphp$LSPHPVER-pdo lsphp$LSPHPVER-imap lsphp$LSPHPVER-json if [ ! -f "$LSWS_HOME/lsphp$LSPHPVER/bin/lsphp" ] ; then @@ -107,8 +106,8 @@ install_lsphp7_debian() echo "deb http://rpms.litespeedtech.com/debian/ $OSVER main" > /etc/apt/sources.list.d/lst_debian_repo.list fi - wget -O /etc/apt/trusted.gpg.d/lst_debian_repo.gpg http://rpms.litespeedtech.com/debian/lst_debian_repo.gpg - wget -O /etc/apt/trusted.gpg.d/lst_repo.gpg http://rpms.litespeedtech.com/debian/lst_repo.gpg + ${DLCMD} /etc/apt/trusted.gpg.d/lst_debian_repo.gpg http://rpms.litespeedtech.com/debian/lst_debian_repo.gpg + ${DLCMD} /etc/apt/trusted.gpg.d/lst_repo.gpg http://rpms.litespeedtech.com/debian/lst_repo.gpg apt-get -y update apt-get -y install lsphp$LSPHPVER lsphp$LSPHPVER-mysql lsphp$LSPHPVER-imap lsphp$LSPHPVER-common lsphp$LSPHPVER-curl lsphp$LSPHPVER-json @@ -301,6 +300,7 @@ shift IS_LSCPD=$9 +detectdlcmd VERSION=open SETUP_PHP=1 PHP_SUFFIX="php" diff --git a/include/lsr/ls_log.h b/include/lsr/ls_log.h index ca3d65cb3..927248dbf 100644 --- a/include/lsr/ls_log.h +++ b/include/lsr/ls_log.h @@ -18,6 +18,7 @@ #ifndef LS_LOG_H #define LS_LOG_H +#include #include #ifdef __cplusplus @@ -42,6 +43,18 @@ enum LS_LOG_LEVEL LS_LOG_UNKNOWN = 10000 }; +struct ls_logger_s +{ + /* + * m_logId.ptr should always be either NULL or allocated memory of + * at least MAX_LOGID_LEN + 1. logging code assumes sufficient space + * left in buffer. + * m_logId.len should always be 0 (before build or after clear) or the + * length of the base string built during build. loggers modify the buffer + * past len for supplemental info. + */ + ls_str_t m_logId; +}; #define LSR_DBG_H( ... ) \ do { \ @@ -84,9 +97,9 @@ enum LS_LOG_LEVEL c_log( LS_LOG_ERROR, __VA_ARGS__); \ }while(0) -void c_log(int level, const char *format, ...) +void c_log(int level, ls_logger_t *log_sess, const char *format, ...) #if __GNUC__ - __attribute__((format(printf, 2, 3))) + __attribute__((format(printf, 3,4))) #endif ; diff --git a/include/lsr/ls_types.h b/include/lsr/ls_types.h index ca46a92c0..f38f4c66d 100644 --- a/include/lsr/ls_types.h +++ b/include/lsr/ls_types.h @@ -18,6 +18,8 @@ #ifndef LS_TYPES_H #define LS_TYPES_H +#include + /** * @file */ @@ -26,7 +28,7 @@ extern "C" { #endif -#include +#define ls_inline static inline typedef unsigned long ls_hash_key_t; typedef struct ls_ptrlist_s ls_ptrlist_t; @@ -42,6 +44,9 @@ typedef struct ls_strpair_s ls_strpair_t; */ typedef struct ls_xpool_s ls_xpool_t; +typedef struct ls_logger_s ls_logger_t; + + typedef uint32_t (*h32_fn)(const void *pVal); typedef uint64_t (*h64_fn)(const void *pVal); typedef int (*v_comp)(const void *pVal1, const void *pVal2); @@ -50,6 +55,7 @@ typedef uint32_t (*h2_32_fn)(const void *pVal, size_t len); typedef uint64_t (*h2_64_fn)(const void *pVal, size_t len); typedef int (*v2_comp)(const void *pVal1, const void *pVal2, size_t len); + #ifdef __cplusplus } #endif diff --git a/src/adns/adns.cpp b/src/adns/adns.cpp index 0dc28b36e..812a493bc 100644 --- a/src/adns/adns.cpp +++ b/src/adns/adns.cpp @@ -225,7 +225,7 @@ void Adns::release(AdnsReq *pReq) return; if (--pReq->ref_count == 0) { - //fprintf(stderr, "release AdnsReq %p\n", pReq); + //fprintf(stderr, "release AdnsReq %p\n", pReq); delete pReq; } } @@ -341,8 +341,8 @@ void Adns::getHostByAddrCb(struct dns_ctx *ctx, struct dns_rr_ptr *rr, void *par if (pAdnsReq->cb && pAdnsReq->arg) pAdnsReq->cb(pAdnsReq->arg, n, p); //else - // fprintf(stderr, "AdnsReq %p for %s skip callback, cb: %p, arg: %p\n", - // pAdnsReq, pAdnsReq->name, pAdnsReq->cb, pAdnsReq->arg); + // fprintf(stderr, "AdnsReq %p for %s skip callback, cb: %p, arg: %p\n", + // pAdnsReq, pAdnsReq->name, pAdnsReq->cb, pAdnsReq->arg); if (rr) free(rr); @@ -372,7 +372,7 @@ const char *Adns::getHostByNameInCache(const char * pName, int &length, } -AdnsReq *Adns::getHostByName(const char * pName, int type, +AdnsReq *Adns::getHostByName(const char * pName, int type, lookup_pf cb, void *arg) { dns_query * pQuery; @@ -380,8 +380,8 @@ AdnsReq *Adns::getHostByName(const char * pName, int type, AdnsReq *pAdnsReq = new AdnsReq; if (!pAdnsReq) return NULL; - //fprintf(stderr, "AdnsReq %p created for getHostByName %s\n", - // pAdnsReq, pName); + //fprintf(stderr, "AdnsReq %p created for getHostByName %s\n", + // pAdnsReq, pName); pAdnsReq->type = type; pAdnsReq->name = getCacheName(pName, type); pAdnsReq->cb = cb; @@ -441,7 +441,7 @@ AdnsReq * Adns::getHostByAddr(const struct sockaddr * pAddr, void *arg, lookup_p if (!pAdnsReq) return NULL; - //fprintf(stderr, "AdnsReq %p created for getHostByAddr\n", pAdnsReq); + //fprintf(stderr, "AdnsReq %p created for getHostByAddr\n", pAdnsReq); int type = pAddr->sa_family; pAdnsReq->type = type; int length; diff --git a/src/adns/adns.h b/src/adns/adns.h index 3f1cd3bd4..da055a0a6 100644 --- a/src/adns/adns.h +++ b/src/adns/adns.h @@ -121,7 +121,7 @@ class Adns : public EventReactor, public evtcbhead_s, public TSingleton static int deleteCache(); void trimCache(); - + char *getCacheName(const char *pName, int type); const char *getCacheValue(const char * pName, int nameLen, int &valLen, int max_ttl = 0); @@ -135,10 +135,10 @@ class Adns : public EventReactor, public evtcbhead_s, public TSingleton const char *getHostByAddrInCache(const struct sockaddr * pAddr, int &length, int max_ttl = 0); AdnsReq *getHostByAddr(const struct sockaddr * pAddr, void *arg, lookup_pf cb); - + static int setResult(const struct sockaddr *result, const void *ip, int len); static void release(AdnsReq *pReq); - + int handleEvents(short events); int onTimer(); @@ -148,7 +148,7 @@ class Adns : public EventReactor, public evtcbhead_s, public TSingleton static int getHostByNameV6Sync(const char *pName, in6_addr *addr); void checkCacheTTL(); - + void processPendingEvt() {} diff --git a/src/config.h.cmake b/src/config.h.cmake index 2077ad60f..086830739 100644 --- a/src/config.h.cmake +++ b/src/config.h.cmake @@ -6,7 +6,7 @@ #define PID_FILE "/tmp/lshttpd/lshttpd.pid" #define PACKAGE_VERSION "1.7.16" -#define LS_MODULE_VERSION_INFO "\tlsquic 3.0.4\n\tmodgzip 1.1\n\tcache 1.64\n\tmod_security 1.4\n" -#define LS_MODULE_VERSION_INFO_ONELINE "lsquic 3.0.4, modgzip 1.1, cache 1.64, mod_security 1.4" +#define LS_MODULE_VERSION_INFO "\tlsquic 3.1.1\n\tmodgzip 1.1\n\tcache 1.64\n\tmod_security 1.4\n" +#define LS_MODULE_VERSION_INFO_ONELINE "lsquic 3.1.1, modgzip 1.1, cache 1.64, mod_security 1.4" #endif diff --git a/src/http/authuser.cpp b/src/http/authuser.cpp index b2bd12004..11241cc5f 100644 --- a/src/http/authuser.cpp +++ b/src/http/authuser.cpp @@ -98,7 +98,7 @@ void AuthUser::updatePasswdEncMethod() } } else if (pass[0] == '$' && pass[1] == '2' && pass[3] == '$' - && (pass[2] == 'y' || pass[2] == 'a')) + && (pass[2] == 'y' || pass[2] == 'a' || pass[2] == 'b')) setEncMethod(ENCRYPT_BCRYPT); } diff --git a/src/http/chunkinputstream.cpp b/src/http/chunkinputstream.cpp index 1eae04f90..64e3d1286 100644 --- a/src/http/chunkinputstream.cpp +++ b/src/http/chunkinputstream.cpp @@ -20,6 +20,7 @@ #include #include +#include #include #include #include @@ -154,6 +155,8 @@ int ChunkInputStream::parseChunkLen(char *pLineEnd) long lLen = strtol(p, &p1, 16); if (((!*p1) || (*p1 == ' ') || (*p1 == ';')) && (p1 != p)) { + if (lLen < 0 || lLen > INT_MAX) + return -1; m_iChunkLen = lLen; if (m_iChunkLen) m_iRemain = lLen + 2; @@ -285,6 +288,8 @@ int ChunkInputStream::skipTrailer() m_iRemain = -3; ++pBegin; break; + default: + return -1; } } } diff --git a/src/http/httprespheaders.cpp b/src/http/httprespheaders.cpp index 0ae78aa16..a44553a83 100644 --- a/src/http/httprespheaders.cpp +++ b/src/http/httprespheaders.cpp @@ -265,6 +265,7 @@ void HttpRespHeaders::replaceHeader(lsxpack_header *pKv, const char *pVal, char *pOldVal = getVal(pKv); memcpy(pOldVal, pVal, valLen); memset(pOldVal + valLen, ' ', pKv->val_len - valLen); + pKv->val_len = valLen; lsxpack_header_mark_val_changed(pKv); } @@ -1105,12 +1106,14 @@ int HttpRespHeaders::mergeAll() { if (pKv->name_len > 0) { - int len = pKv->name_len + pKv->val_len + 4; + int len = pKv->name_len + pKv->val_len + 2; tmp.append(m_buf.begin() + pKv->name_offset, len); + tmp.append_unsafe('\r'); + tmp.append_unsafe('\n'); int diff = total - pKv->name_offset; pKv->name_offset = total; pKv->val_offset += diff; - total += len; + total += len + 2; } ++pKv; } @@ -1442,7 +1445,7 @@ int HttpRespHeaders::toHpackIdx(int index) static const int appresp2qpack[36] = { 32, //"accept-ranges" - -1, //"connection" + LS_RESP_HDR_DROP, //"connection" 54, //"content-type" 4, //"content-length" 43, //"content-encoding" @@ -1452,17 +1455,17 @@ static const int appresp2qpack[36] = { 6, //"date" 7, //"etag" -1, //"expires" - -1, //"keep-alive" + LS_RESP_HDR_DROP, //"keep-alive" 10, //"last-modified" 12, //"location" -1, //"x-litespeed-location" -1, //"x-litespeed-cache-control" -1, //"pragma" - -1, //"proxy-connection" + LS_RESP_HDR_DROP, //"proxy-connection" 92, //"server" 14, //"set-cookie" -1, //"status" - -1, //"transfer-encoding" + LS_RESP_HDR_DROP, //"transfer-encoding" 60, //"vary" -1, //"www-authenticate" -1, //"x-litespeed-cache" @@ -1476,7 +1479,7 @@ static const int appresp2qpack[36] = { 83, //"alt-svc" -1, //"x-litespeed-alt-svc" -1, //"x-lsadc-backend" - -1, //"upgrade" + LS_RESP_HDR_DROP, //"upgrade" }; static int @@ -1501,8 +1504,13 @@ static void buildQpackIdx(lsxpack_header *hdr) idx = lookup_appresp2qpack(hdr->app_index); if (idx != -1) { - hdr->qpack_index = idx; - hdr->flags = (lsxpack_flag)(hdr->flags | LSXPACK_QPACK_IDX); + if (idx == LS_RESP_HDR_DROP) + hdr->buf = NULL; + else + { + hdr->qpack_index = idx; + hdr->flags = (lsxpack_flag)(hdr->flags | LSXPACK_QPACK_IDX); + } } } @@ -1510,7 +1518,7 @@ static void buildQpackIdx(lsxpack_header *hdr) static const int appresp2hpack[36] = { 18, //"accept-ranges" - 0, //"connection" + LS_RESP_HDR_DROP, //"connection" 31, //"content-type" 28, //"content-length" 26, //"content-encoding" @@ -1520,17 +1528,17 @@ static const int appresp2hpack[36] = { 33, //"date" 34, //"etag" 36, //"expires" - 0, //"keep-alive" + LS_RESP_HDR_DROP, //"keep-alive" 44, //"last-modified" 46, //"location" 0, //"x-litespeed-location" 0, //"x-litespeed-cache-control" 0, //"pragma" - 0, //"proxy-connection" + LS_RESP_HDR_DROP, //"proxy-connection" 54, //"server" 55, //"set-cookie" 0, //"status" - 57, //"transfer-encoding" + LS_RESP_HDR_DROP, //"transfer-encoding" 59, //"vary" 61, //"www-authenticate" 0, //"x-litespeed-cache" @@ -1544,7 +1552,7 @@ static const int appresp2hpack[36] = { 0, //"alt-svc" 0, //"x-litespeed-alt-svc" 0, //"x-lsadc-backend" - 0, //"upgrade" + LS_RESP_HDR_DROP, //"upgrade" }; @@ -1573,7 +1581,10 @@ static void buildHpackIdx(lsxpack_header *hdr) idx = lookup_appresp2hpack(hdr->app_index); if (idx != LSHPACK_HDR_UNKNOWN) { - hdr->hpack_index = idx; + if (idx == LS_RESP_HDR_DROP) + hdr->buf = NULL; + else + hdr->hpack_index = idx; } } diff --git a/src/http/httprespheaders.h b/src/http/httprespheaders.h index 78011412f..779f53c18 100644 --- a/src/http/httprespheaders.h +++ b/src/http/httprespheaders.h @@ -38,6 +38,8 @@ enum ETAG_ENCODING struct http_header_t; +#define LS_RESP_HDR_DROP (-2) + #define HRH_F_HAS_HOLE 1 #define HRH_F_HAS_PUSH 2 #define HRH_F_LC_NAME 4 diff --git a/src/http/httpvhost.cpp b/src/http/httpvhost.cpp index 100fb19bd..764d3c19b 100644 --- a/src/http/httpvhost.cpp +++ b/src/http/httpvhost.cpp @@ -596,14 +596,18 @@ HttpContext *HttpVHost::setContext(HttpContext *pContext, const char *pUri, int type, const char *pLocation, const char *pHandler, int allowBrowse, int match) { + char appNameVh[256]; const HttpHandler *pHdlr = HandlerFactory::getInstance(type, pHandler); if (!pHdlr) { - LS_ERROR("[%s] Can not find handler with type: %d, name: %s.", - TmpLogId::getLogId(), type, (pHandler) ? pHandler : ""); + getUniAppName(pHandler, appNameVh, 256); + pHdlr = HandlerFactory::getInstance(type, appNameVh); + if (!pHdlr) + LS_ERROR("[%s] Can not find handler with type: %d, name: %s.", + TmpLogId::getLogId(), type, (pHandler) ? pHandler : ""); } - else if (type > HandlerType::HT_CGI) + if (pHdlr && type > HandlerType::HT_CGI) pHdlr = isHandlerAllowed(pHdlr, type, pHandler); if (!pHdlr) { diff --git a/src/http/ntwkiolink.h b/src/http/ntwkiolink.h index 8bee79780..b79dce744 100644 --- a/src/http/ntwkiolink.h +++ b/src/http/ntwkiolink.h @@ -288,6 +288,7 @@ class NtwkIOLink : public LsiSession, public EventReactor, public HioStream void setSSL(SSL *pSSL) { m_pFpList = s_pCur_fp_list_list->m_pSSL; + m_ssl.setLogSession(getLogSession()); m_ssl.setSSL(pSSL); m_ssl.enableRbio(); m_ssl.setfd(getfd()); diff --git a/src/http/rewritemap.cpp b/src/http/rewritemap.cpp index 25d9c501a..2ede60212 100644 --- a/src/http/rewritemap.cpp +++ b/src/http/rewritemap.cpp @@ -38,6 +38,8 @@ KeyData *RewriteMapFile::parseLine(const char *pKey, int keyLen, char *pLine, char *pLineEnd) { RewriteMapData *pData; + if (pLine >= pLineEnd) + return NULL; pData = new RewriteMapData(); if (pData) { diff --git a/src/log4cxx/logger.cpp b/src/log4cxx/logger.cpp index d3421fa82..12ba95030 100644 --- a/src/log4cxx/logger.cpp +++ b/src/log4cxx/logger.cpp @@ -39,14 +39,13 @@ Logger *Logger::s_pDefault = NULL; extern "C" { #endif -void c_log(int level, const char *format, ...) +void c_log(int level, ls_logger_t *log_sess, const char *format, ...) { if ( log4cxx::Level::isEnabled( level ) ) { - log4cxx::Logger *l = log4cxx::Logger::getDefault(); va_list va; va_start(va, format); - l->vlog(level, format, va); + Logger::s_vlog(level, (LogSession *)log_sess, format, va, 0); va_end(va); } } @@ -198,6 +197,7 @@ void Logger::lograw(const struct iovec *pIov, int len) } + void Logger::s_vlog(int level, LogSession *pLogSession, const char *format, va_list args, int flag) { diff --git a/src/log4cxx/logsession.h b/src/log4cxx/logsession.h index d02e6e673..c14ecb3b5 100644 --- a/src/log4cxx/logsession.h +++ b/src/log4cxx/logsession.h @@ -24,7 +24,7 @@ #include #include #include -#include +#include #include #include @@ -34,7 +34,7 @@ BEGIN_LOG4CXX_NS class Logger; END_LOG4CXX_NS -class LogSession +class LogSession : protected ls_logger_s { public: LogSession(); @@ -195,15 +195,6 @@ class LogSession protected: - /* - * m_logId.ptr should always be either NULL or allocated memory of - * at least MAX_LOGID_LEN + 1. logging code assumes sufficient space - * left in buffer. - * m_logId.len should always be 0 (before build or after clear) or the - * length of the base string built during build. loggers modify the buffer - * past len for supplemental info. - */ - ls_str_t m_logId; private: // WARNING: assume LOCKED diff --git a/src/lsiapi/lsiapilib.cpp b/src/lsiapi/lsiapilib.cpp index ae5a246af..d2cd4362f 100644 --- a/src/lsiapi/lsiapilib.cpp +++ b/src/lsiapi/lsiapilib.cpp @@ -861,7 +861,7 @@ static int get_req_headers(const lsi_session_t *session, struct iovec *iov_key, struct iovec *iov_val, int maxIovCount) { HttpSession *pSession = (HttpSession *)((LsiSession *)session); - if (pSession == NULL) + if (pSession == NULL || maxIovCount <= 0) return LS_FAIL; HttpReq *pReq = pSession->getReq(); @@ -880,6 +880,8 @@ static int get_req_headers(const lsi_session_t *session, struct iovec *iov_key, iov_val[index].iov_len = pReq->getHeaderLen(i); ++index; + if (index >= maxIovCount) + return index; } } @@ -900,6 +902,8 @@ static int get_req_headers(const lsi_session_t *session, struct iovec *iov_key, iov_val[index].iov_len = valLen; ++index; + if (index >= maxIovCount) + break; } } diff --git a/src/lsr/ls_offload.h b/src/lsr/ls_offload.h index 955d0b8c6..00d70b31e 100644 --- a/src/lsr/ls_offload.h +++ b/src/lsr/ls_offload.h @@ -48,7 +48,8 @@ struct Offloader *offloader_new2(const char *log_id, int workers, ls_inline struct Offloader *offloader_new(const char *log_id, int workers) { return offloader_new2(log_id, workers, 1, 10, 1); } -int offloader_enqueue(struct Offloader *, struct ls_offload *task); +int offloader_enqueue(struct Offloader *, struct ls_offload *task, + void *log_sess); #ifdef __cplusplus } diff --git a/src/main/configctx.cpp b/src/main/configctx.cpp index 3556563a8..b8eb8c779 100644 --- a/src/main/configctx.cpp +++ b/src/main/configctx.cpp @@ -844,7 +844,7 @@ SslContext *ConfigCtx::newSSLContext(const XmlNode *pNode, } } - config.m_iEnableSpdy = getLongValue(pNode, "enableSpdy", 0, 15, 15); + config.m_iEnableSpdy = getLongValue(pNode, "enableSpdy", 0, 15, 12); config.m_iEnableCache = getLongValue(pNode, "sslSessionCache", 0, 1, 0); config.m_iInsecReneg = !getLongValue(pNode, "regenProtection", 0, 1, 1); config.m_iEnableTicket = getLongValue(pNode, "sslSessionTickets", diff --git a/src/main/httpserver.cpp b/src/main/httpserver.cpp index 176fa47eb..c0dc85684 100644 --- a/src/main/httpserver.cpp +++ b/src/main/httpserver.cpp @@ -2057,8 +2057,8 @@ int HttpServerImpl::configAdminConsole(const XmlNode *pNode) return 0; char achRules[] = - "RewriteCond %{REQUEST_URI} !^/(index|login)\\.php\n" - "RewriteCond %{REQUEST_URI} !^/view/(serviceMgr|confMgr|ajax_data|dashboard|logviewer|compilePHP|realtimestats)\\.php \n" + "RewriteCond %{REQUEST_URI} !^/(index|login)\\.php$\n" + "RewriteCond %{REQUEST_URI} !^/view/(serviceMgr|confMgr|ajax_data|dashboard|logviewer|compilePHP|realtimestats)\\.php$\n" "RewriteRule \\.php - [F]\n"; pVHostAdmin->getRootContext().configRewriteRule(NULL, achRules, NULL); pVHostAdmin->getRootContext().enableRewrite(1); @@ -4035,6 +4035,11 @@ int HttpServerImpl::configLsrecaptchaContexts() Recaptcha::setStaticUrl("/.lsrecap/_recaptcha_custom.shtml"); } + char headers[] = "set cache-control no-cache,no-store\n" + "set x-frame-options SAMEORIGIN\n" ; + pStaticContext->setHeaderOps(ConfigCtx::getCurConfigCtx()->getLogId(), + headers, sizeof(headers) - 1); + HttpContext *pVerifierCtx = pGlobalVHost->addContext(Recaptcha::getDynUrl()->c_str(), HandlerType::HT_LSAPI, NULL, "lsrecaptcha", 1); if (NULL == pVerifierCtx) diff --git a/src/main/lshttpdmain.cpp b/src/main/lshttpdmain.cpp index 2789b844d..36033d9a1 100644 --- a/src/main/lshttpdmain.cpp +++ b/src/main/lshttpdmain.cpp @@ -81,7 +81,7 @@ /*** * Do not change the below format, it will be set correctly while packing the code */ -#define BUILDTIME "built: Fri May 13 19:00:23 UTC 2022" +#define BUILDTIME "built: Mon Oct 17 21:33:28 UTC 2022" static const char s_pVersionFull[] = "LiteSpeed/" PACKAGE_VERSION " Open (" LS_MODULE_VERSION_INFO_ONELINE ") BUILD (" BUILDTIME ")"; diff --git a/src/modules/modsecurity-ls/mod_security.cpp b/src/modules/modsecurity-ls/mod_security.cpp index 4415574b3..ec07d0658 100644 --- a/src/modules/modsecurity-ls/mod_security.cpp +++ b/src/modules/modsecurity-ls/mod_security.cpp @@ -31,8 +31,8 @@ class session; #define MODULE_VERSION_INFO ModuleNameStr " " VERSIONNUMBER -#define MAX_RESP_HEADERS_NUMBER 50 -#define MAX_REQ_HEADERS_NUMBER 50 +#define MAX_RESP_HEADERS_NUMBER 200 +#define MAX_REQ_HEADERS_NUMBER 200 #define STATUS_OK 200 #define CHECKBODYTRUE (RulesSetProperties::TrueConfigBoolean) ///////////////////////////////////////////////////////////////////////////// diff --git a/src/quic/quicengine.cpp b/src/quic/quicengine.cpp index e939c97c4..abfbad322 100644 --- a/src/quic/quicengine.cpp +++ b/src/quic/quicengine.cpp @@ -297,7 +297,10 @@ void QuicEngine::onConnClosed(lsquic_conn_t *c) LS_DBG_H("QuicEngine::onConnClosed (%p)\n", c); ClientInfo *pClientInfo = (ClientInfo *)h; if (pClientInfo) + { pClientInfo->decConn(); + lsquic_conn_set_ctx(c, NULL); + } s_active_conns--; LS_DBG_H("[%s] [CLC] QUIC engine decrease connection count 1, current: %u.", pClientInfo ? pClientInfo->getAddrString() : "N/A", s_active_conns); diff --git a/src/quic/quicshm.cpp b/src/quic/quicshm.cpp index 9b9818564..74d7db68b 100644 --- a/src/quic/quicshm.cpp +++ b/src/quic/quicshm.cpp @@ -318,12 +318,10 @@ int QuicShm::lookupItem(void *hash_ctx, const void *key, unsigned key_sz, void * return -1; } - void *key_copy = malloc(key_len); - memcpy(key_copy, p, key_len); + void *key_copy = p; p += key_len; - *data = (char *)malloc(data_len); - memcpy(*data, p, data_len); + *data = p; *data_sz = data_len; pInternalShi->shi_insert(pInternalShiCtx, key_copy, key_sz, *data, diff --git a/src/quic/udplistener.cpp b/src/quic/udplistener.cpp index 47bf2af0e..0189122c0 100644 --- a/src/quic/udplistener.cpp +++ b/src/quic/udplistener.cpp @@ -630,7 +630,10 @@ ssize_t UdpListener::send(struct iovec *iov, size_t iovlen, const struct sockaddr *src, const struct sockaddr *dest, int ecn) { if (getEvents() & POLLOUT) + { + errno = EAGAIN; return -1; + } ssize_t ret = sendPacket(iov, iovlen, src, dest, ecn); if (ret == -1 && (errno == EAGAIN || errno == EWOULDBLOCK || errno == ENOBUFS)) { @@ -666,7 +669,10 @@ int UdpListener::sendPackets(const struct lsquic_out_spec *spec, } ancil [ sizeof(mmsgs) / sizeof(mmsgs[0]) ]; if (getEvents() & POLLOUT) + { + errno = EAGAIN; return -1; + } for (i = 0; spec < end && i < sizeof(mmsgs) / sizeof(mmsgs[0]); ++i, ++spec) { @@ -1694,10 +1700,10 @@ int UdpListener::setSockOptions(int fd) strerror(errno)); } - if (AF_INET == m_addr.get()->sa_family) + if (AF_INET == m_addr.family()) { #if __linux__ - val = IP_PMTUDISC_DO; + val = IP_PMTUDISC_PROBE; ret = setsockopt(fd, IPPROTO_IP, IP_MTU_DISCOVER, &val, sizeof(val)); #elif WIN32 val = 1; @@ -1711,7 +1717,14 @@ int UdpListener::setSockOptions(int fd) return -1; } } - + else if (AF_INET6 == m_addr.family()) + { +#if __linux__ + val = IP_PMTUDISC_PROBE; + ret = setsockopt(getfd(), IPPROTO_IPV6, IPV6_MTU_DISCOVER, + &val, sizeof(val)); +#endif + } return ret; } diff --git a/src/sslpp/hiocrypto.h b/src/sslpp/hiocrypto.h index 0473d8752..d1a207d0e 100644 --- a/src/sslpp/hiocrypto.h +++ b/src/sslpp/hiocrypto.h @@ -35,7 +35,7 @@ class HioCrypto }; HioCrypto() {} virtual ~HioCrypto() {} - + virtual int getEnv(HioCrypto::ENV id, char *&val,int maxValLen) = 0; virtual X509 *getPeerCertificate() const { return NULL; } @@ -45,7 +45,7 @@ class HioCrypto { return 0; } int buildVerifyErrorString(char *pBuf, int len) const { return 0; } - + }; diff --git a/src/sslpp/ls_fdbuf_bio.c b/src/sslpp/ls_fdbuf_bio.c index ea32b49e6..3e6943616 100644 --- a/src/sslpp/ls_fdbuf_bio.c +++ b/src/sslpp/ls_fdbuf_bio.c @@ -42,12 +42,12 @@ #ifdef DEBUGGING #ifdef TEST_PGM -#define DEBUG_MESSAGE(...) printf(__VA_ARGS__); -#define INFO_MESSAGE(...) printf(__VA_ARGS__); +#define DEBUG_MESSAGE(fdbio, ...) printf(__VA_ARGS__); +#define INFO_MESSAGE(fdbio, ...) printf(__VA_ARGS__); #else #include -#define DEBUG_MESSAGE(...) LSR_DBG_H(__VA_ARGS__); -#define INFO_MESSAGE(... ) LSR_INFO(__VA_ARGS__); +#define DEBUG_MESSAGE(fdbio, ...) LSR_DBG_H(fdbio->m_logger, __VA_ARGS__); +#define INFO_MESSAGE(fdbio, ... ) LSR_INFO(fdbio->m_logger, __VA_ARGS__); #endif #else @@ -101,7 +101,7 @@ int ls_fdbio_alloc_rbuff(ls_fdbio_data *fdbio, int size) assert(fdbio->m_rbuf_used == fdbio->m_rbuf_read); if ((fdbio->m_flag & LS_FDBIO_RBUF_ALLOC) && fdbio->m_rbuf_size >= size) return LS_OK; - DEBUG_MESSAGE("[FDBIO] alloc read buf %d\n", size); + DEBUG_MESSAGE(fdbio, "[FDBIO] alloc read buf %d\n", size); void *buf = ls_palloc(size); if (buf) { @@ -115,7 +115,7 @@ int ls_fdbio_alloc_rbuff(ls_fdbio_data *fdbio, int size) } else { - DEBUG_MESSAGE("Insufficient memory allocating rbuff %d bytes\n", size); + DEBUG_MESSAGE(fdbio, "Insufficient memory allocating rbuff %d bytes\n", size); errno = ENOMEM; return LS_FAIL; } @@ -127,7 +127,7 @@ void ls_fdbio_release_rbuff(ls_fdbio_data *fdbio) if ((fdbio->m_flag & LS_FDBIO_RBUF_ALLOC) == 0) return; assert(fdbio->m_rbuf_used == fdbio->m_rbuf_read); - DEBUG_MESSAGE("[FDBIO] free rbuf %d\n", (int)fdbio->m_rbuf_size); + DEBUG_MESSAGE(fdbio, "[FDBIO] free rbuf %d\n", (int)fdbio->m_rbuf_size); ls_pfree(fdbio->m_rbuf); fdbio->m_rbuf = NULL; fdbio->m_flag &= ~LS_FDBIO_RBUF_ALLOC; @@ -160,16 +160,16 @@ static int bio_fd_read(BIO *b, char *out, int outl) ls_fdbio_data *fdbio = LS_FDBUF_FROM_BIO(b); int fd = BIO_get_fd(b, 0); int total = 0; - DEBUG_MESSAGE("[BIO] bio_fd_read((%p:%d), %p, %d)\n", b, fd, out, outl); + DEBUG_MESSAGE(fdbio, "[BIO] bio_fd_read((%p:%d), %p, %d)\n", b, fd, out, outl); if ((out == NULL) || (!outl)) { - INFO_MESSAGE("[BIO] bio_fd_read NO BUFFER!!\n"); + INFO_MESSAGE(fdbio, "[BIO] bio_fd_read NO BUFFER!!\n"); err = EINVAL; return -1; } if (fdbio->m_flag & LS_FDBIO_CLOSED) { - DEBUG_MESSAGE("[BIO] bio_fd_read: CLOSED ON PREVIOUS READ\n"); + DEBUG_MESSAGE(fdbio, "[BIO] bio_fd_read: CLOSED ON PREVIOUS READ\n"); errno = 0; return 0; } @@ -185,14 +185,14 @@ static int bio_fd_read(BIO *b, char *out, int outl) if (buffered) { copy = (buffered > rd_remain) ? rd_remain : buffered; - DEBUG_MESSAGE("[BIO] bio_fd_read: Use existing buffer %d/%d\n", + DEBUG_MESSAGE(fdbio, "[BIO] bio_fd_read: Use existing buffer %d/%d\n", copy, buffered); memcpy(&out[total], buf + fdbio->m_rbuf_read, copy); fdbio->m_rbuf_read += copy; total += copy; if (total >= outl) { - DEBUG_MESSAGE("[BIO] bio_fd_read(%p, %d) return %d\n", + DEBUG_MESSAGE(fdbio, "[BIO] bio_fd_read(%p, %d) return %d\n", out, outl, total); return total; } @@ -210,7 +210,7 @@ static int bio_fd_read(BIO *b, char *out, int outl) || ls_fdbio_alloc_rbuff(fdbio, fdbio->m_rbuf_size) == LS_OK)) { ret = ls_read(fd, fdbio->m_rbuf, fdbio->m_rbuf_size); - DEBUG_MESSAGE("[BIO] bio_fd_read: read into buffer (%p, %d) = %d\n", + DEBUG_MESSAGE(fdbio, "[BIO] bio_fd_read: read into buffer (%p, %d) = %d\n", fdbio->m_rbuf, fdbio->m_rbuf_size, ret); if (ret < fdbio->m_rbuf_size) fdbio->m_flag |= LS_FDBIO_NEED_READ_EVT; @@ -225,7 +225,7 @@ static int bio_fd_read(BIO *b, char *out, int outl) iov[1].iov_len = 5; ret = ls_readv(fd, iov, 2); - DEBUG_MESSAGE("[BIO] bio_fd_read: Read into data(%p, %d) ret: %d\n", + DEBUG_MESSAGE(fdbio, "[BIO] bio_fd_read: Read into data(%p, %d) ret: %d\n", out + total, rd_remain, ret); if (ret < rd_remain) { @@ -242,7 +242,7 @@ static int bio_fd_read(BIO *b, char *out, int outl) } if (ret == 0) { - DEBUG_MESSAGE("[BIO] bio_fd_read: CLOSED\n"); + DEBUG_MESSAGE(fdbio, "[BIO] bio_fd_read: CLOSED\n"); fdbio->m_flag |= LS_FDBIO_CLOSED; errno = 0; return total; @@ -250,16 +250,16 @@ static int bio_fd_read(BIO *b, char *out, int outl) if (ret < 0) { err = errno; - DEBUG_MESSAGE("[BIO] bio_fd_read: Read error: (%d) %s \n", + DEBUG_MESSAGE(fdbio, "[BIO] bio_fd_read: Read error: (%d) %s \n", err, strerror(err)); if (total) { - DEBUG_MESSAGE("[BIO] bio_fd_read: error but I have data\n"); + DEBUG_MESSAGE(fdbio, "[BIO] bio_fd_read: error but I have data\n"); return total; } if ((SIMPLE_RETRY(err)) || (BIO_fd_should_retry(ret))) { - DEBUG_MESSAGE("[BIO] bio_fd_read: set retry read" + DEBUG_MESSAGE(fdbio, "[BIO] bio_fd_read: set retry read" " errno: %d\n", err); errno = err; BIO_set_retry_read(b); @@ -270,7 +270,7 @@ static int bio_fd_read(BIO *b, char *out, int outl) { fdbio->m_rbuf_used = buffered; fdbio->m_rbuf_read = 0; - DEBUG_MESSAGE("[BIO] bio_fd_read: Preserve read: %d\n", ret); + DEBUG_MESSAGE(fdbio, "[BIO] bio_fd_read: Preserve read: %d\n", ret); } } return total; @@ -279,7 +279,7 @@ static int bio_fd_read(BIO *b, char *out, int outl) int ls_fdbio_alloc_wbuff(ls_fdbio_data *fdbio, int size) { - DEBUG_MESSAGE("[FDBIO] alloc write buf %d\n", size); + DEBUG_MESSAGE(fdbio, "[FDBIO] alloc write buf %d\n", size); assert(fdbio->m_wbuf_used == 0); if (fdbio->m_wbuf && fdbio->m_wbuf_size >= size) return LS_OK; @@ -302,7 +302,7 @@ void ls_fdbio_release_wbuff(ls_fdbio_data *fdbio) assert(fdbio->m_wbuf_used == 0); if (fdbio->m_wbuf == NULL) return; - DEBUG_MESSAGE("[FDBIO] free wbuf %d\n", (int)fdbio->m_wbuf_size); + DEBUG_MESSAGE(fdbio, "[FDBIO] free wbuf %d\n", (int)fdbio->m_wbuf_size); ls_pfree(fdbio->m_wbuf); fdbio->m_wbuf_size = 0; fdbio->m_wbuf = NULL; @@ -311,7 +311,7 @@ void ls_fdbio_release_wbuff(ls_fdbio_data *fdbio) static int ls_fdbio_combine_write(ls_fdbio_data *fdbio, int fd, const void *buf, int num) { - DEBUG_MESSAGE("[FDBIO] ls_fdbio_combine_write, to write: %d, used: %d, sent: %d\n", + DEBUG_MESSAGE(fdbio, "[FDBIO] ls_fdbio_combine_write, to write: %d, used: %d, sent: %d\n", num, (int)fdbio->m_wbuf_used, (int)fdbio->m_wbuf_sent); struct iovec iov[2]; iov[0].iov_base = fdbio->m_wbuf + fdbio->m_wbuf_sent; @@ -319,7 +319,7 @@ static int ls_fdbio_combine_write(ls_fdbio_data *fdbio, int fd, const void *buf, iov[1].iov_base = (void *)buf; iov[1].iov_len = num; int ret = ls_writev(fd, iov, 2); - DEBUG_MESSAGE("[FDBIO] ls_writev(%d + %d) ret: %d\n", + DEBUG_MESSAGE(fdbio, "[FDBIO] ls_writev(%d + %d) ret: %d\n", (int)iov[0].iov_len, (int)iov[1].iov_len, ret); if (ret > 0) { @@ -341,7 +341,7 @@ static int ls_fdbio_combine_write(ls_fdbio_data *fdbio, int fd, const void *buf, errno = EWOULDBLOCK; } } - DEBUG_MESSAGE("[FDBIO] combine_write ret: %d, buffer used: %d, sent: %d\n", + DEBUG_MESSAGE(fdbio, "[FDBIO] combine_write ret: %d, buffer used: %d, sent: %d\n", ret, fdbio->m_wbuf_used, fdbio->m_wbuf_sent); return ret; } @@ -350,7 +350,7 @@ static int ls_fdbio_combine_write(ls_fdbio_data *fdbio, int fd, const void *buf, #define TLS_RECORD_MAX_SIZE 16413 static int ls_fdbio_buff_write(ls_fdbio_data *fdbio, int fd, const void *buf, int num) { - DEBUG_MESSAGE("[FDBIO] ls_fdbio_buff_write, to write: %d, used: %d, sent: %d\n", + DEBUG_MESSAGE(fdbio, "[FDBIO] ls_fdbio_buff_write, to write: %d, used: %d, sent: %d\n", num, (int)fdbio->m_wbuf_used, (int)fdbio->m_wbuf_sent); if (!fdbio->m_wbuf) { @@ -381,7 +381,7 @@ static int ls_fdbio_buff_write(ls_fdbio_data *fdbio, int fd, const void *buf, in return LS_FAIL; memmove(fdbio->m_wbuf + fdbio->m_wbuf_used, buf, num); fdbio->m_wbuf_used += num; - DEBUG_MESSAGE("[FDBIO] lstls_buff_write, to write: %d, finished: %d, used: %d, sent: %d\n", + DEBUG_MESSAGE(fdbio, "[FDBIO] lstls_buff_write, to write: %d, finished: %d, used: %d, sent: %d\n", num, num, (int)fdbio->m_wbuf_used, (int)fdbio->m_wbuf_sent); return num; } @@ -396,13 +396,13 @@ int ls_fdbio_flush(ls_fdbio_data *fdbio, int fd) return 1; int ret = ls_write(fd, fdbio->m_wbuf + fdbio->m_wbuf_sent, pending); int err = errno; - DEBUG_MESSAGE("[FDBIO] flush_ex write(%d, %p, %d) return %d, errno: %d\n", + DEBUG_MESSAGE(fdbio, "[FDBIO] flush_ex write(%d, %p, %d) return %d, errno: %d\n", fd, fdbio->m_wbuf + fdbio->m_wbuf_sent, pending, ret, err); if (ret >= pending) { fdbio->m_wbuf_used = 0; fdbio->m_wbuf_sent = 0; - DEBUG_MESSAGE("[FDBIO] FLUSHED\n"); + DEBUG_MESSAGE(fdbio, "[FDBIO] FLUSHED\n"); return 1; } else @@ -416,7 +416,7 @@ int ls_fdbio_flush(ls_fdbio_data *fdbio, int fd) errno = err; return -1; } - DEBUG_MESSAGE("[FDBIO] partial write, mark WBLOCK.\n"); + DEBUG_MESSAGE(fdbio, "[FDBIO] partial write, mark WBLOCK.\n"); fdbio->m_flag |= LS_FDBIO_WBLOCK; } return 0; @@ -430,10 +430,10 @@ static int bio_fd_write(BIO *b, const char *in, int inl) int fd = BIO_get_fd(b, 0); ls_fdbio_data *fdbio = LS_FDBUF_FROM_BIO(b); - DEBUG_MESSAGE("[FDBIO] bio_fd_write: %p, %d bytes on %d\n", b, inl, fd); + DEBUG_MESSAGE(fdbio, "[FDBIO] bio_fd_write: %p, %d bytes on %d\n", b, inl, fd); if (fdbio->m_flag & LS_FDBIO_WBLOCK) { - DEBUG_MESSAGE("[FDBIO] bio_fd_write, FDBIO_WBLOCK flag is set, set errno to EAGAIN\n"); + DEBUG_MESSAGE(fdbio, "[FDBIO] bio_fd_write, FDBIO_WBLOCK flag is set, set errno to EAGAIN\n"); BIO_set_retry_write(b); errno = EAGAIN; return -1; @@ -457,7 +457,7 @@ static int bio_fd_write(BIO *b, const char *in, int inl) err = errno; if ((ret == -1) && (!(SIMPLE_RETRY(err))) && (!BIO_fd_should_retry(ret))) { - DEBUG_MESSAGE("[FDBIO] bio_fd_write: actual write failed, errno: %d\n", + DEBUG_MESSAGE(fdbio, "[FDBIO] bio_fd_write: actual write failed, errno: %d\n", err); return ret; } @@ -465,7 +465,7 @@ static int bio_fd_write(BIO *b, const char *in, int inl) if (ret < 0) { if ((BIO_fd_should_retry(ret)) || (SIMPLE_RETRY(err))) { - DEBUG_MESSAGE("[FDBIO] bio_fd_write: %p, early return, errno: %d," + DEBUG_MESSAGE(fdbio, "[FDBIO] bio_fd_write: %p, early return, errno: %d," " ret: %d\n", b, err, ret); BIO_set_retry_write(b); errno = EAGAIN; @@ -474,7 +474,7 @@ static int bio_fd_write(BIO *b, const char *in, int inl) } } - DEBUG_MESSAGE("[FDBIO] bio_fd_write: %p, returning: %d\n", b, ret); + DEBUG_MESSAGE(fdbio, "[FDBIO] bio_fd_write: %p, returning: %d\n", b, ret); errno = err; return ret; } @@ -483,8 +483,9 @@ static int bio_fd_write(BIO *b, const char *in, int inl) static int bio_fd_puts(BIO *bp, const char *str) { int n, ret; - - DEBUG_MESSAGE("[FDBIO] bio_fd_puts: %p, %s\n", bp, str); + + ls_fdbio_data *fdbio = LS_FDBUF_FROM_BIO(bp); + DEBUG_MESSAGE(fdbio, "[FDBIO] bio_fd_puts: %p, %s\n", bp, str); n = strlen(str); ret = bio_fd_write(bp, str, n); @@ -497,8 +498,9 @@ static int bio_fd_gets(BIO *bp, char *buf, int size) int ret = 0; char *ptr = buf; char *end = buf + size - 1; - - DEBUG_MESSAGE("[BIO] bio_fd_gets: %p\n", bp); + + ls_fdbio_data *fdbio = LS_FDBUF_FROM_BIO(bp); + DEBUG_MESSAGE(fdbio, "[BIO] bio_fd_gets: %p\n", bp); while (ptr < end && bio_fd_read(bp, ptr, 1) > 0) { if (*ptr++ == '\n') @@ -577,7 +579,7 @@ static int setup_writes(ls_fdbio_data *fdbio) { if (!fdbio) return 0; - DEBUG_MESSAGE("[BIO] setup_writes\n"); + DEBUG_MESSAGE(fdbio, "[BIO] setup_writes\n"); return 0; } @@ -586,7 +588,7 @@ BIO *ls_fdbio_create(int fd, ls_fdbio_data *fdbio) { if (!s_biom) { - DEBUG_MESSAGE("[BIO] ls_fdbio_create METHOD\n"); + DEBUG_MESSAGE(fdbio, "[BIO] ls_fdbio_create METHOD\n"); s_biom_fd_builtin = BIO_s_fd(); #if OPENSSL_VERSION_NUMBER >= 0x10100000 @@ -594,7 +596,7 @@ BIO *ls_fdbio_create(int fd, ls_fdbio_data *fdbio) BIO_TYPE_FD | BIO_TYPE_SOURCE_SINK | BIO_TYPE_DESCRIPTOR, "Litespeed BIO Method"))) { - DEBUG_MESSAGE("[BIO] ERROR creating BIO_METHOD\n"); + DEBUG_MESSAGE(fdbio, "[BIO] ERROR creating BIO_METHOD\n"); return NULL; } #ifdef OPENSSL_IS_BORINGSSL @@ -624,7 +626,7 @@ BIO *ls_fdbio_create(int fd, ls_fdbio_data *fdbio) BIO *bio = BIO_new(s_biom); if (!bio) { - DEBUG_MESSAGE("[BIO: %p] ls_fdbio_create error creating rbio\n", + DEBUG_MESSAGE(fdbio, "[BIO: %p] ls_fdbio_create error creating rbio\n", fdbio); // everything freed in the destructor return NULL; @@ -635,7 +637,7 @@ BIO *ls_fdbio_create(int fd, ls_fdbio_data *fdbio) #else BIO_set_app_data(bio, fdbio); #endif - DEBUG_MESSAGE("[BIO] ls_fdbio_create bio: %p\n", + DEBUG_MESSAGE(fdbio, "[BIO] ls_fdbio_create bio: %p\n", bio); setup_writes(fdbio); @@ -646,12 +648,12 @@ BIO *ls_fdbio_create(int fd, ls_fdbio_data *fdbio) static int bio_fd_free(BIO *a) { ls_fdbio_data *fdbio; - DEBUG_MESSAGE("[BIO] bio_fd_free: %p\n", a); if (a == NULL) return 0; fdbio = LS_FDBUF_FROM_BIO(a); if (!fdbio) return 1; + DEBUG_MESSAGE(fdbio, "[BIO] bio_fd_free: %p\n", a); fdbio->m_rbuf_used = fdbio->m_rbuf_read = 0; ls_fdbio_release_rbuff(fdbio); fdbio->m_wbuf_used = 0; diff --git a/src/sslpp/ls_fdbuf_bio.h b/src/sslpp/ls_fdbuf_bio.h index ab5f106f8..0f8398e52 100644 --- a/src/sslpp/ls_fdbuf_bio.h +++ b/src/sslpp/ls_fdbuf_bio.h @@ -20,8 +20,9 @@ #define __LS_FDBUF_BIO_H__ #include +#include -#ifdef __cplusplus +#ifdef __cplusplus extern "C" { #endif @@ -32,6 +33,7 @@ extern "C" { */ typedef struct ls_fdbio_data { + ls_logger_t *m_logger; uint8_t *m_rbuf; uint16_t m_rbuf_max_block; uint16_t m_rbuf_used; @@ -55,16 +57,16 @@ enum LS_FDBIO_FLAG }; /** - * @brief ls_fdbuf_bio_init called during the connection constructor, + * @brief ls_fdbuf_bio_init called during the connection constructor, * initializes the BIO access. - * @param[out] fdbio is initialized for later use. + * @param[out] fdbio is initialized for later use. * @return None. */ void ls_fdbuf_bio_init(ls_fdbio_data *fdbio); /** - * @brief ls_fdbio_create initializes the use of BIOs. Call once per + * @brief ls_fdbio_create initializes the use of BIOs. Call once per * connection. * @param[in] fd The socket fd for the connection. * @param[out] fdbio ls_fdbuf_bio to be used as the BIO for the connection. @@ -112,7 +114,7 @@ ls_inline int ls_fdbio_is_wblock(ls_fdbio_data *fdbio) ls_inline void ls_fdbio_clear_wblock(ls_fdbio_data *fdbio) { fdbio->m_flag &= ~LS_FDBIO_WBLOCK; } -#ifdef __cplusplus +#ifdef __cplusplus } #endif diff --git a/src/sslpp/sslasyncpk.cpp b/src/sslpp/sslasyncpk.cpp index 65c80fa2d..253d9ad31 100644 --- a/src/sslpp/sslasyncpk.cpp +++ b/src/sslpp/sslasyncpk.cpp @@ -78,16 +78,16 @@ static ssl_private_key_result_t AsyncPrivateKeyDecrypt( static ssl_private_key_result_t AsyncPrivateKeyComplete( SSL *ssl, uint8_t *out, size_t *out_len, size_t max_out); -static const SSL_PRIVATE_KEY_METHOD s_async_private_key_method = +static const SSL_PRIVATE_KEY_METHOD s_async_private_key_method = { AsyncPrivateKeySign, AsyncPrivateKeyDecrypt, AsyncPrivateKeyComplete }; static ssl_private_key_result_t AsyncPrivateKeySign( - SSL* ssl, uint8_t* out, size_t* out_len, size_t max_out, + SSL* ssl, uint8_t* out, size_t* out_len, size_t max_out, uint16_t signature_algorithm, const uint8_t* in, size_t in_len) { ssl_apk_offload_t *data = (ssl_apk_offload_t *)SSL_get_ex_data(ssl, s_ssl_apk_index); - + if (!data) { DEBUG_MESSAGE("[SSL: %p] AsyncPrivateKeySign method not defined\n", ssl); @@ -128,7 +128,7 @@ static ssl_private_key_result_t AsyncPrivateKeySign( ERROR_MESSAGE("[SSL: %p] AsyncPrivateKeySign unable to allocate memory:" " %ld bytes\n", ssl, in_len + max_out); return ssl_private_key_failure; - } + } data->m_in = (uint8_t *)data->m_sign + max_out; memcpy(data->m_in, in, in_len); data->m_in_len = in_len; @@ -136,7 +136,7 @@ static ssl_private_key_result_t AsyncPrivateKeySign( DEBUG_MESSAGE("[SSL: %p] AsyncPrivateKeySign add job: %p, max_out: %ld, " "in_len: %ld\n", ssl, data, max_out, in_len); - if (offloader_enqueue(s_offloader, &data->m_header) == LS_FAIL) + if (offloader_enqueue(s_offloader, &data->m_header, NULL) == LS_FAIL) { ERROR_MESSAGE("[SSL: %p] AsyncPrivateKeySign SSL add of job of sign " "failed\n", ssl); @@ -153,8 +153,8 @@ static ssl_private_key_result_t AsyncPrivateKeySign( } -static ssl_private_key_result_t AsyncPrivateKeyComplete(SSL *ssl, - uint8_t *out, size_t *out_len, size_t max_out) +static ssl_private_key_result_t AsyncPrivateKeyComplete(SSL *ssl, + uint8_t *out, size_t *out_len, size_t max_out) { ssl_apk_offload_t *data = (ssl_apk_offload_t *)SSL_get_ex_data(ssl, s_ssl_apk_index); diff --git a/src/sslpp/sslcertcomp.cpp b/src/sslpp/sslcertcomp.cpp index ac5dbb9c1..4944e4fb4 100644 --- a/src/sslpp/sslcertcomp.cpp +++ b/src/sslpp/sslcertcomp.cpp @@ -68,7 +68,7 @@ static bool s_activate_decomp = false; static int s_iBrCompressLevel = 6; static int s_iSSL_CTX_index = -1; -static void freeCtxData(void *parent, void *ptr, CRYPTO_EX_DATA *ad, int idx, +static void freeCtxData(void *parent, void *ptr, CRYPTO_EX_DATA *ad, int idx, long argl, void *argp) { assert(idx == s_iSSL_CTX_index); @@ -80,8 +80,8 @@ static void freeCtxData(void *parent, void *ptr, CRYPTO_EX_DATA *ad, int idx, } -static SslCertComp::comp_cache_t *cache_data(SSL_CTX *ctx, - SslCertComp::comp_cache_t *cache, +static SslCertComp::comp_cache_t *cache_data(SSL_CTX *ctx, + SslCertComp::comp_cache_t *cache, int in_size, char *readBuffer, size_t len) { @@ -92,41 +92,41 @@ static SslCertComp::comp_cache_t *cache_data(SSL_CTX *ctx, return NULL; cache->m_input_len = in_size; cache->m_len = len; - memcpy(cache->m_comp, readBuffer, len); + memcpy(cache->m_comp, readBuffer, len); } else { SslCertComp::comp_cache_t *recache; - recache = (SslCertComp::comp_cache_t *)ls_prealloc(cache, cache->m_len + + recache = (SslCertComp::comp_cache_t *)ls_prealloc(cache, cache->m_len + sizeof(int) * 2 + len); if (recache) { memcpy(&recache->m_comp[recache->m_len], readBuffer, len); - recache->m_len += len; + recache->m_len += len; cache = recache; } - else + else { return NULL; - } + } } SSL_CTX_set_ex_data(ctx, s_iSSL_CTX_index, (void *)cache); return cache; } -static int certCompressFunc(SSL *ssl, CBB *out, const uint8_t *in_data, - size_t in_size, -#ifdef ZBUF_H - Zbuf *zbuf, +static int certCompressFunc(SSL *ssl, CBB *out, const uint8_t *in_data, + size_t in_size, +#ifdef ZBUF_H + Zbuf *zbuf, #else Compressor *zbuf, -#endif +#endif int level) { DEBUG_MESSAGE("[SSLCertComp] Compressing %ld bytes\n", in_size); SSL_CTX *ctx = SSL_get_SSL_CTX(ssl); - + SslCertComp::comp_cache_t *cache; cache = (SslCertComp::comp_cache_t *)SSL_CTX_get_ex_data(ctx, s_iSSL_CTX_index); if (cache) @@ -149,15 +149,15 @@ static int certCompressFunc(SSL *ssl, CBB *out, const uint8_t *in_data, cache = NULL; } } - + VMemBuf vmembuf; - - if (vmembuf.set(VMBUF_MALLOC, -#ifdef ZBUF_H + + if (vmembuf.set(VMBUF_MALLOC, +#ifdef ZBUF_H in_size #else (int)in_size -#endif +#endif ) == LS_FAIL) { ERROR_MESSAGE("[SSLCertComp] Unable to set memory buffer\n"); @@ -165,15 +165,15 @@ static int certCompressFunc(SSL *ssl, CBB *out, const uint8_t *in_data, } zbuf->setCompressCache(&vmembuf); if (zbuf->init( -#ifdef ZBUF_H - Zbuf::MODE_COMPRESS, +#ifdef ZBUF_H + Zbuf::MODE_COMPRESS, #else Compressor::COMPRESSOR_COMPRESS, -#endif +#endif level -#ifdef ZBUF_H +#ifdef ZBUF_H , 0 -#endif +#endif ) == LS_FAIL) { ERROR_MESSAGE("[SSLCertComp] Unable to initialize compression\n"); @@ -220,7 +220,7 @@ static int certCompressFunc(SSL *ssl, CBB *out, const uint8_t *in_data, } -static int certCompressFuncBrotli(SSL *ssl, CBB *out, const uint8_t *in, +static int certCompressFuncBrotli(SSL *ssl, CBB *out, const uint8_t *in, size_t in_len) { BrotliBuf brotBuf; @@ -229,26 +229,26 @@ static int certCompressFuncBrotli(SSL *ssl, CBB *out, const uint8_t *in, static int certDecompressFunc(SSL *ssl, CRYPTO_BUFFER **out, - size_t uncompressed_len, const uint8_t *in, + size_t uncompressed_len, const uint8_t *in, size_t in_len, -#ifdef ZBUF_H - Zbuf *zbuf, +#ifdef ZBUF_H + Zbuf *zbuf, #else Compressor *zbuf, -#endif +#endif int level) { DEBUG_MESSAGE("[SSLCertComp] Decompressing %ld bytes to %ld bytes\n", in_len, uncompressed_len); VMemBuf vmembuf; - - if (vmembuf.set(VMBUF_MALLOC, -#ifdef ZBUF_H + + if (vmembuf.set(VMBUF_MALLOC, +#ifdef ZBUF_H in_len #else (int)in_len -#endif +#endif ) == LS_FAIL) { ERROR_MESSAGE("[SSLCertComp] Decompress Unable to set memory buffer\n"); @@ -256,15 +256,15 @@ static int certDecompressFunc(SSL *ssl, CRYPTO_BUFFER **out, } zbuf->setCompressCache(&vmembuf); if (zbuf->init( -#ifdef ZBUF_H - Zbuf::MODE_DECOMPRESS, +#ifdef ZBUF_H + Zbuf::MODE_DECOMPRESS, #else Compressor::COMPRESSOR_DECOMPRESS, -#endif +#endif level -#ifdef ZBUF_H +#ifdef ZBUF_H , 0 -#endif +#endif ) == LS_FAIL) { ERROR_MESSAGE("[SSLCertComp] Unable to initialize decompression\n"); @@ -323,7 +323,7 @@ static int certDecompressFunc(SSL *ssl, CRYPTO_BUFFER **out, static int certDecompressFuncBrotli(SSL *ssl, CRYPTO_BUFFER **out, - size_t uncompressed_len, const uint8_t *in, + size_t uncompressed_len, const uint8_t *in, size_t in_len) { BrotliBuf brotBuf; @@ -342,26 +342,26 @@ SslCertComp::~SslCertComp() void SslCertComp::activateComp(bool activate) -{ +{ DEBUG_MESSAGE("[SSLCertComp] %sactivating compression!\n", activate ? "" : "de"); - s_activate_comp = activate; + s_activate_comp = activate; if ((activate) && (s_iSSL_CTX_index < 0)) s_iSSL_CTX_index = SSL_CTX_get_ex_new_index(0, NULL, NULL, NULL, freeCtxData); } void SslCertComp::activateDecomp(bool activate) -{ +{ DEBUG_MESSAGE("[SSLCertComp] %sactivating decompression!\n", activate ? "" : "de"); - s_activate_decomp = activate; + s_activate_decomp = activate; if ((activate) && (s_iSSL_CTX_index < 0)) s_iSSL_CTX_index = SSL_CTX_get_ex_new_index(0, NULL, NULL, NULL, freeCtxData); } void SslCertComp::setBrCompressLevel(int level) -{ - s_iBrCompressLevel = level; +{ + s_iBrCompressLevel = level; } @@ -376,7 +376,7 @@ void SslCertComp::enableCertComp(SSL_CTX *ctx) { if (s_iSSL_CTX_index < 0) s_iSSL_CTX_index = SSL_CTX_get_ex_new_index(0, NULL, NULL, NULL, freeCtxData); - + if (!(SSL_CTX_add_cert_compression_alg(ctx, TLSEXT_cert_compression_brotli, certCompressFuncBrotli, NULL))) INFO_MESSAGE("[SSL_CTX:%p] Requested cert compression but unable to " @@ -388,7 +388,7 @@ void SslCertComp::enableCertComp(SSL_CTX *ctx) DEBUG_MESSAGE("[SSL_CTX:%p] Cert compression not enabled\n", ctx); } - + void SslCertComp::enableCertDecomp(SSL_CTX *ctx) { DEBUG_MESSAGE("[SSLCertComp] enableCertDecomp: %p\n", ctx); @@ -396,7 +396,7 @@ void SslCertComp::enableCertDecomp(SSL_CTX *ctx) { if (s_iSSL_CTX_index < 0) s_iSSL_CTX_index = SSL_CTX_get_ex_new_index(0, NULL, NULL, NULL, freeCtxData); - + if (!(SSL_CTX_add_cert_compression_alg(ctx, TLSEXT_cert_compression_brotli, NULL, certDecompressFuncBrotli))) INFO_MESSAGE("[SSLCertComp] Requested cert decompression but unable to " @@ -406,5 +406,5 @@ void SslCertComp::enableCertDecomp(SSL_CTX *ctx) DEBUG_MESSAGE("[SSLCertComp] Cert decompression not enabled\n"); } - + #endif // SSLCERTCOMP diff --git a/src/sslpp/sslcertcomp.h b/src/sslpp/sslcertcomp.h index 61e2ee8bc..4d8783ede 100644 --- a/src/sslpp/sslcertcomp.h +++ b/src/sslpp/sslcertcomp.h @@ -30,20 +30,20 @@ #include -class SslCertComp +class SslCertComp { - SslCertComp(); + SslCertComp(); ~SslCertComp(); - + public: - typedef struct + typedef struct { int m_input_len; int m_len; uint8_t m_comp[1]; } comp_cache_t; - - static void activateComp(bool activate); + + static void activateComp(bool activate); static void activateDecomp(bool activate); static void enableCertComp(SSL_CTX *ctx); static void enableCertDecomp(SSL_CTX *ctx); diff --git a/src/sslpp/sslconnection.cpp b/src/sslpp/sslconnection.cpp index 768d2e76f..2f1d2e2ec 100644 --- a/src/sslpp/sslconnection.cpp +++ b/src/sslpp/sslconnection.cpp @@ -19,6 +19,7 @@ #include "sslconnection.h" #include +#include #include #include #if __cplusplus <= 199711L && !defined(static_assert) @@ -49,8 +50,8 @@ #define DEBUG_MESSAGE(...) printf(__VA_ARGS__); #define ERROR_MESSAGE(...) fprintf(stderr, __VA_ARGS__); #else -#define DEBUG_MESSAGE(...) LS_DBG_L(__VA_ARGS__) -#define ERROR_MESSAGE(...) LS_ERROR(__VA_ARGS__) +#define DEBUG_MESSAGE(...) LS_DBG_L((LogSession *)m_bio.m_logger, __VA_ARGS__) +#define ERROR_MESSAGE(...) LS_ERROR((LogSession *)m_bio.m_logger, __VA_ARGS__) #endif #else @@ -89,6 +90,10 @@ void SslConnection::setSSL(SSL *ssl) } +void SslConnection::setLogSession(ls_logger_t *log_sess) +{ m_bio.m_logger = log_sess; } + + void SslConnection::setSpecialExData(SSL *ssl, void *data) { SSL_set_ex_data(ssl, s_iConnIdx, data); @@ -202,7 +207,7 @@ int SslConnection::writev(const struct iovec *vect, int count, char *pBufEnd; char *pCurEnd; char achBuf[4096]; - + pBufEnd = achBuf + 4096; pCurEnd = achBuf; for (; vect < pEnd ;) @@ -271,7 +276,7 @@ int SslConnection::flush() int SslConnection::shutdown(int bidirectional) { assert(m_ssl); - + m_flag = 0; if (m_iStatus == ACCEPTING) { @@ -319,7 +324,7 @@ int SslConnection::accept() this); return -1; } - DEBUG_MESSAGE("[SSL: %p] Call SSL_do_handshake, ssl: %p, ctx: %p\n", this, + DEBUG_MESSAGE("[SSL: %p] Call SSL_do_handshake, ssl: %p, ctx: %p\n", this, m_ssl, SSL_get_SSL_CTX(m_ssl)); setFlag(F_ASYNC_PK, 0); ret = SSL_do_handshake(m_ssl); @@ -381,6 +386,11 @@ int SslConnection::checkError(int ret) case SSL_ERROR_SSL: if (m_iWant == LAST_WRITE) { + if (ERR_peek_error() == SSL_R_PROTOCOL_IS_SHUTDOWN) + { + errno = ECONNRESET; + break; + } m_iWant |= WANT_WRITE; ERR_clear_error(); return 0; @@ -474,7 +484,7 @@ int SslConnection::connect() int SslConnection::tryagain() -{ +{ DEBUG_MESSAGE("[SSL: %p] tryagain!\n", this); assert(m_ssl); switch (m_iStatus) @@ -547,7 +557,7 @@ int SslConnection::getSpdyVersion() int v = 0; DEBUG_MESSAGE("[SSL: %p] getSpdyVersion\n", this); - + #ifdef LS_ENABLE_SPDY unsigned int len = 0; const unsigned char *data = NULL; diff --git a/src/sslpp/sslconnection.h b/src/sslpp/sslconnection.h index 30d3866de..810acb17c 100644 --- a/src/sslpp/sslconnection.h +++ b/src/sslpp/sslconnection.h @@ -19,6 +19,7 @@ #ifndef SSLCONNECTION_H #define SSLCONNECTION_H #include +#include #include #include #include @@ -73,6 +74,8 @@ class SslConnection : public HioCrypto void setSSL(SSL *ssl); SSL *getSSL() const { return m_ssl; } + void setLogSession(ls_logger_t *log_sess); + void release(); int setfd(int fd); //int setfd(int rfd, int wfd); @@ -127,7 +130,7 @@ class SslConnection : public HioCrypto int getAlpnResult() { return getSpdyVersion(); } int updateOnGotCert(); - + void enableRbio() {}; static void initConnIdx(); @@ -136,7 +139,7 @@ class SslConnection : public HioCrypto static int getCipherBits(const SSL_CIPHER *pCipher, int *algkeysize); static int isClientVerifyOptional(int i); - + // Can only be called after the first failed accept or read, to obtain the // raw data which can be used in a redirect (see ntwkiolink.cpp). char *getRawBuffer(int *len); @@ -153,13 +156,13 @@ class SslConnection : public HioCrypto int wantAsyncCtx(bool isWantWait); private: + ls_fdbio_data m_bio; SSL *m_ssl; SslClientSessCache *m_pSessCache; short m_flag; char m_iStatus; char m_iWant; static int32_t s_iConnIdx; - ls_fdbio_data m_bio; LS_NO_COPY_ASSIGN(SslConnection); }; diff --git a/src/sslpp/sslcontext.cpp b/src/sslpp/sslcontext.cpp index 5eb1a392d..37fcee27e 100644 --- a/src/sslpp/sslcontext.cpp +++ b/src/sslpp/sslcontext.cpp @@ -67,7 +67,7 @@ SslContext *SslContext::config(SslContext *pContext, const char *pZcDomainName, LS_DBG_L("[SSL] Insufficient memory\n"); return NULL; } - + if (pNewContext->init()) return NULL; @@ -648,7 +648,7 @@ int SslContext::init(int iMethod) return 0; if (initSSL()) return -1; - + m_iMethod = iMethod; m_iEnableSpdy = 0; m_iEnableOcsp = 0; @@ -695,7 +695,7 @@ void SslContext::release() { #ifdef SSLCERTCOMP SslCertComp::disableCertCompDecomp(m_pCtx); -#endif +#endif if (m_pCtx != NULL && m_pCtx != SSL_CTX_PENDING) { SSL_CTX *pCtx = m_pCtx; diff --git a/src/sslpp/sslcontext.h b/src/sslpp/sslcontext.h index 72e41a24e..1b54f0c5a 100644 --- a/src/sslpp/sslcontext.h +++ b/src/sslpp/sslcontext.h @@ -57,7 +57,7 @@ class SslContext SSL_TLSv11 = 4, SSL_TLSv12 = 8, SSL_TLSv13 = 16, - SSL_TLS_SAFE = 28, + SSL_TLS_SAFE = 24, SSL_TLS = 30, SSL_ALL = 31 }; diff --git a/src/sslpp/sslticket.cpp b/src/sslpp/sslticket.cpp index 61d9f7a4b..abfc8cf0b 100644 --- a/src/sslpp/sslticket.cpp +++ b/src/sslpp/sslticket.cpp @@ -161,8 +161,8 @@ int SslTicket::initShm(int uid, int gid) LOGDBG("Open LsShm Failed."); return LS_FAIL; } - pShm->chperm(uid, gid, 0600); - + pShm->chperm(uid, gid, 0600); + if ((pShmPool = pShm->getGlobalPool()) == NULL) { LOGDBG("Get Global Pool Failed."); @@ -238,13 +238,13 @@ int SslTicket::init(const char* pFileName, long int timeout, int uid, int gid) return LS_FAIL; } pShmData = (STShmData_t *)m_pKeyStore->offset2ptr(m_iOff); - memmove(&pShmData->m_keys, &m_keys, sizeof(m_keys) ); + memmove(&pShmData->m_keys, &m_keys, sizeof(m_keys) ); pShmData->m_tmLastAccess = DateTime::s_curTime; m_pKeyStore->unlock(); return LS_OK; } pShmData = (STShmData_t *)m_pKeyStore->offset2ptr(m_iOff); - memmove(&m_keys, &pShmData->m_keys, sizeof(m_keys) ); + memmove(&m_keys, &pShmData->m_keys, sizeof(m_keys) ); m_pKeyStore->unlock(); pCur = &m_keys.m_aKeys[m_keys.m_idxCur]; if (pCur->expireSec > (DateTime::s_curTime + (timeout >> 1))) @@ -255,7 +255,7 @@ int SslTicket::init(const char* pFileName, long int timeout, int uid, int gid) m_pKeyStore->lock(); pShmData = (STShmData_t *)m_pKeyStore->offset2ptr(m_iOff); checkShmExpire(pShmData); - memmove(&m_keys, &pShmData->m_keys, sizeof(m_keys) ); + memmove(&m_keys, &pShmData->m_keys, sizeof(m_keys) ); m_pKeyStore->unlock(); return LS_OK; } @@ -285,7 +285,7 @@ int SslTicket::init(const char* pFileName, long int timeout, int uid, int gid) memmove(&m_keys.m_aKeys[m_keys.m_idxCur], &newKey, SSLTICKET_KEYSIZE); m_pKeyStore->lock(); pShmData = (STShmData_t *)m_pKeyStore->offset2ptr(m_iOff); - memmove(&pShmData->m_keys, &m_keys, sizeof(m_keys) ); + memmove(&pShmData->m_keys, &m_keys, sizeof(m_keys) ); } m_keys.m_aKeys[m_keys.m_idxCur].expireSec = DateTime::s_curTime + timeout; pShmData->m_keys.m_aKeys[pShmData->m_keys.m_idxCur].expireSec @@ -401,7 +401,7 @@ int SslTicket::checkShmExpire(STShmData_t *pShmData) RAND_bytes((unsigned char *)pPrev, SSLTICKET_KEYSIZE); pPrev->expireSec = pNext->expireSec + (m_iLifetime >> 1); - rotateIndices(pShmData->m_keys.m_idxPrev, pShmData->m_keys.m_idxCur, + rotateIndices(pShmData->m_keys.m_idxPrev, pShmData->m_keys.m_idxCur, pShmData->m_keys.m_idxNext); return LS_OK; } diff --git a/src/sslpp/sslticket.h b/src/sslpp/sslticket.h index 03aba1330..ab93b3d07 100644 --- a/src/sslpp/sslticket.h +++ b/src/sslpp/sslticket.h @@ -49,7 +49,7 @@ typedef struct rotatkeys_s short m_idxNext; } RotateKeys_t; -class SslTicket +class SslTicket { static LsShmHash *m_pKeyStore; static AutoStr2 *m_pFile; diff --git a/src/thread/offloader.cpp b/src/thread/offloader.cpp index 24da67614..bbf8c3175 100644 --- a/src/thread/offloader.cpp +++ b/src/thread/offloader.cpp @@ -52,7 +52,7 @@ struct Offloader : public EventNotifier int startProcessor(int workers = 1); - int addJob(ls_offload *task); + int addJob(ls_offload *task, LogSession *log_sess); int onNotified(int count); }; @@ -100,11 +100,11 @@ int Offloader::init(int min_idle, int max_idle, int nice_pri) } -int Offloader::addJob(ls_offload *data) +int Offloader::addJob(ls_offload *data, LogSession *log_sess) { int rc; - LS_DBG_L("[%s] Offloader::addJob: %p.\n", get_log_id(), data); + LS_DBG_L(log_sess, "[%s] Offloader::addJob: %p.\n", get_log_id(), data); assert(data->task_link == NULL); assert(data->api != NULL); assert(data->api->on_task_done != NULL); @@ -189,8 +189,8 @@ struct Offloader *offloader_new2(const char *log_id, int workers, } -int offloader_enqueue(struct Offloader * offload, ls_offload *task) +int offloader_enqueue(struct Offloader * offload, ls_offload *task, void *log_sess) { - return offload->addJob(task); + return offload->addJob(task, (LogSession *)log_sess); }
From Version(s): + From Version(s): @@ -174,9 +193,18 @@ if ( $state == ViewModel::ST_SCAN_NEEDED ): @@ -185,8 +213,13 @@ if ( $state == ViewModel::ST_SCAN_NEEDED ):
- Select All + +
- - + +
- Upgrade To: + + - +
'; } else { @@ -436,13 +436,12 @@ private function get_print_line($node, $disp, $attr) $buf .= '