What is OpenLiteSpeed?
OpenLiteSpeed is a high-performance, open-source web server developed by LiteSpeed Technologies. It offers exceptional speed, low resource consumption, and compatibility with Apache rewrite rules.
Key Features
- • Event-driven architecture
- • Built-in LSCache page caching
- • Native HTTP/3 & QUIC support
- • WebAdmin GUI interface
- • Apache .htaccess compatibility
- • ModSecurity v3 integration
Comparison
- • vs Apache: Lower memory, faster
- • vs Nginx: .htaccess support
- • Built-in caching (no plugins)
- • Web-based configuration
- • Drop-in Apache replacement
Prerequisites
Before we begin, you'll need:
Server Requirements
- • RamNode VPS with at least 1GB RAM (2GB+ recommended)
- • Ubuntu 22.04/24.04 or AlmaLinux 8/9
- • 20GB+ SSD storage (40GB+ NVMe recommended)
- • SSH access to your server
Required Ports
- • 80/TCP: HTTP traffic
- • 443/TCP+UDP: HTTPS & HTTP/3
- • 7080/TCP: WebAdmin interface
Update System (Ubuntu/Debian)
sudo apt update && sudo apt upgrade -yUpdate System (AlmaLinux/Rocky)
sudo dnf update -yConfigure UFW Firewall (Ubuntu)
sudo ufw allow 80/tcp
sudo ufw allow 443/tcp
sudo ufw allow 443/udp
sudo ufw allow 7080/tcp
sudo ufw enable3
Installing OpenLiteSpeed
Add the LiteSpeed repository and install OpenLiteSpeed:
Add Repository (Ubuntu/Debian)
wget -O - https://repo.litespeed.sh | sudo bashAdd Repository (AlmaLinux/Rocky)
sudo rpm -Uvh http://rpms.litespeedtech.com/centos/litespeed-repo-1.3-1.el8.noarch.rpmInstall OpenLiteSpeed (Ubuntu/Debian)
sudo apt install openlitespeed -yInstall OpenLiteSpeed (AlmaLinux/Rocky)
sudo dnf install openlitespeed -ySet WebAdmin Password
sudo /usr/local/lsws/admin/misc/admpass.sh⚠️ Security Notice: The WebAdmin interface is accessible on port 7080. Use a strong password and consider restricting access via firewall to trusted IPs only.
Start OpenLiteSpeed
sudo systemctl start lsws
sudo systemctl enable lsws
sudo systemctl status lsws✅ Success: Access the WebAdmin interface at https://your-server-ip:7080
4
PHP Configuration
OpenLiteSpeed uses LSPHP (LiteSpeed PHP) for optimal performance:
Install PHP 8.3 (Ubuntu/Debian)
sudo apt install lsphp83 lsphp83-common lsphp83-mysql lsphp83-curl \
lsphp83-imagick lsphp83-intl lsphp83-opcache lsphp83-imap -yInstall PHP 8.3 (AlmaLinux/Rocky)
sudo dnf install lsphp83 lsphp83-common lsphp83-mysqlnd lsphp83-curl \
lsphp83-imagick lsphp83-intl lsphp83-opcache lsphp83-imap -yConfigure PHP handler in WebAdmin:
- Navigate to Server Configuration → External App
- Click 'Add' to create a new external application
- Select 'LiteSpeed SAPI App' as the type
PHP Handler Settings
- • Name: lsphp83
- • Address: uds://tmp/lshttpd/lsphp.sock
- • Max Connections: 35
- • Command: /usr/local/lsws/lsphp83/bin/lsphp
php.ini Recommended Settings
memory_limit = 256M
max_execution_time = 300
max_input_time = 300
post_max_size = 64M
upload_max_filesize = 64M
max_input_vars = 5000
# OPcache settings
opcache.enable = 1
opcache.memory_consumption = 128
opcache.interned_strings_buffer = 16
opcache.max_accelerated_files = 10000
opcache.revalidate_freq = 25
Virtual Host Configuration
Create the directory structure and configure virtual host:
Create Document Root
sudo mkdir -p /var/www/example.com/{public_html,logs}
sudo chown -R nobody:nogroup /var/www/example.com
sudo chmod -R 755 /var/www/example.com
# Create test PHP file
echo '<?php phpinfo(); ?>' | sudo tee /var/www/example.com/public_html/info.phpConfigure via WebAdmin:
- Go to Virtual Hosts → Add
- Set Virtual Host Name: example.com
- Set Virtual Host Root: /var/www/example.com/
- Enable 'Follow Symbolic Link' and 'Enable Scripts/ExtApps'
Virtual Host Settings
- • Document Root: $VH_ROOT/public_html
- • Domain Name: example.com, www.example.com
- • Enable GZIP: Yes
- • Enable Brotli: Yes
Map virtual host to listener:
- Go to Listeners → Default → Virtual Host Mappings
- Click 'Add' and select your virtual host
- Enter domains: example.com, www.example.com
Apply Configuration
sudo /usr/local/lsws/bin/lswsctrl restart6
SSL/TLS Configuration
Set up free SSL certificates with Let's Encrypt:
Install Certbot (Ubuntu/Debian)
sudo apt install certbot -yObtain SSL Certificate
sudo systemctl stop lsws
sudo certbot certonly --standalone -d example.com -d www.example.com
sudo systemctl start lswsConfigure HTTPS listener in WebAdmin:
- Go to Listeners → Add
- Set Listener Name: HTTPS
- Set Port: 443, Secure: Yes
SSL Settings
- • Private Key: /etc/letsencrypt/live/example.com/privkey.pem
- • Certificate: /etc/letsencrypt/live/example.com/fullchain.pem
- • Chained Certificate: Yes
Auto-Renewal Cron Job
# Add to crontab (sudo crontab -e)
0 3 * * * certbot renew --quiet --pre-hook 'systemctl stop lsws' --post-hook 'systemctl start lsws'7
Performance Optimization
Enable LSCache and optimize server settings:
Enable LSCache
- Go to Virtual Hosts → [your host] → Cache
- Enable Cache: Yes
- Cache Storage Path: /tmp/lscache/$VH_NAME
Server Tuning Settings
- • Max Connections: 10000
- • Max SSL Connections: 10000
- • Connection Timeout: 300
- • Max Keep-Alive Requests: 10000
- • Keep-Alive Timeout: 5
Enable HTTP/3 & QUIC
- Ensure UDP port 443 is open
- Go to Listeners → HTTPS → SSL → Enable HTTP3/QUIC
- Set to Yes and perform graceful restart
💡 Tip: HTTP/3 uses UDP for faster connection establishment. Modern browsers automatically use HTTP/3 when available.
8
Security Hardening
Secure your OpenLiteSpeed installation:
Restrict WebAdmin Access
- Go to WebAdmin Settings → Security
- Set Allowed List to your trusted IP addresses
Install ModSecurity (Ubuntu/Debian)
sudo apt install ols-modsecurity -y
# Download OWASP Core Rule Set
cd /usr/local/lsws/conf
sudo git clone https://github.com/coreruleset/coreruleset.git modsec
cd modsec
sudo cp crs-setup.conf.example crs-setup.confSecurity Headers (.htaccess)
RewriteEngine On
<IfModule mod_headers.c>
Header always set X-Content-Type-Options "nosniff"
Header always set X-Frame-Options "SAMEORIGIN"
Header always set X-XSS-Protection "1; mode=block"
Header always set Referrer-Policy "strict-origin-when-cross-origin"
</IfModule>Additional Security
- • Disable Server Signature: Server Configuration → Security → No Signature
- • Enable ModSecurity: Server Configuration → Security
9
Database Setup (Optional)
Install MariaDB for applications requiring a database:
Install MariaDB (Ubuntu/Debian)
sudo apt install mariadb-server mariadb-client -y
sudo systemctl start mariadb
sudo systemctl enable mariadbSecure Installation
sudo mysql_secure_installationCreate Database and User
sudo mysql -u root -p
CREATE DATABASE example_db CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
CREATE USER 'example_user'@'localhost' IDENTIFIED BY 'secure_password';
GRANT ALL PRIVILEGES ON example_db.* TO 'example_user'@'localhost';
FLUSH PRIVILEGES;
EXIT;10
Troubleshooting
503 Service Unavailable
- • Verify LSPHP is installed:
ls /usr/local/lsws/lsphp*/bin/lsphp - • Check external app configuration in WebAdmin
- • Review error logs
Permission Denied Errors
Fix Permissions
sudo chown -R nobody:nogroup /var/www/example.com
sudo find /var/www/example.com -type d -exec chmod 755 {} \;
sudo find /var/www/example.com -type f -exec chmod 644 {} \;Log File Locations
- • Server Error: /usr/local/lsws/logs/stderr.log
- • Access Log: /usr/local/lsws/logs/access.log
- • PHP Errors: /usr/local/lsws/logs/php-error.log
Useful Commands
# Check service status
sudo systemctl status lsws
# Graceful restart
sudo /usr/local/lsws/bin/lswsctrl restart
# View real-time logs
sudo tail -f /usr/local/lsws/logs/stderr.log
# Test configuration
sudo /usr/local/lsws/bin/lswsctrl configtestNext Steps
With OpenLiteSpeed configured, consider these next steps:
- • Deploy your web application (WordPress, Laravel, etc.)
- • Install the LiteSpeed Cache plugin for WordPress
- • Set up automated backups
- • Configure monitoring with Prometheus and Grafana
- • Implement a CDN for static assets
For additional assistance, consult the OpenLiteSpeed documentation or contact RamNode support.