I didn't think this was possible, but hackers had enough access to upload a backdoor .php file to various websites hosted via OpenLiteSpeed.
They exploited some WordPress vulnerability and uploaded a .php file somewhere containing a backdoor.
This file was a backdoor that allowed you to...
I created the configuration for External App in my Virtual Host:
Name * : NodeJS
Address * : localhost:3000
And the configuration for Context with type "Proxy"
URI *: /
Web Server *: [VHost Level]: NodeJS
Ok...
When acessing the sub-URI "/foo/bar"
The proxy point to localhost:3000/foo/bar and...
How this kb can help me?
I already read this.
I need the variable Header, a variable in Set/Add declaration of Access-Control-Allow-Origin header.
.
OLS support Env If?
Is there a way to allow multiple cross-domains using the Access-Control-Allow-Origin header in OpenLiteSpeed?
I try this code in Rewrite but without success:
SetEnvIf Origin "http(s)?://(www\.)?(domain1.example|domain2.example)$" AccessControlAllowOrigin=$0$1
Header add...
I'm not using WordFence, but a WAF by HackerSec: https://waf.hackersec.com/.
This link did not help me. I tested these configurations.
This is my htaccess configuration:
### Rewrite Rules Added by CyberPanel Rewrite Rule Generator
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule...
I'm using CyberPanel, I don't have access to LiteSpeed WebAdmin through it because it is blocked by default by the Firewall (7080 port).
In CyberPanel WebAdmin I can edit the PHP settings (in PHP->Edit PHP Configs) and after that restart LiteSpeed (in Server Status -> Service Status).
Using...
Hello,
I disabled HTTP/2 and defined this cipher suite to my SSL Protocol configuration:
Listener HTTPS->SSL->SSL Protocol
"TLS_CHACHA20_POLY1305_SHA256:ECDHE-RSA-AES256-GCM-SHA384:TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256:TLS_DHE_RSA_WITH_AES_256_GCM_SHA384"
TLS 1.3...
No! Oh, sorry!!! I missing some of dependencies.
[ERROR] It is not allowed to run LiteSpeed web server on behalf of a privileged user/group, user id must not be less than 50 and group id must not be less than 10.UID of user 'root' is 0, GID of group 'root' is 0. Please fix above problem first...
make[2]: *** No rule to make target '../ssl/libssl.a', needed by 'openlitespeed'. Stop.
I have the following libs installed:
My current script intallation:
https://gist.github.com/slowaways/3d6bd53ccdc08e1ef2655498229bfba1