CGI Context
Table of Contents
URI | Path | Header Operations | Allow Set UID | Allow Override | Realm | Authentication Name | Require (Authorized Users/Groups) | Access Allowed | Access Denied | Authorizer | Add Default Charset | Customized Default Charset | Enable Rewrite | Rewrite Inherit | Rewrite Base | Rewrite Rules | Cache Stale Age (seconds) | Publicly Cache All | Cache Expire Time (seconds) | Micro Cache 5XX Response | Privately Cache All | Private Cache Expire Time (seconds) | Enable POST cache | Enable GeoLocation Lookup | Enable PageSpeed Optimization | PageSpeed Settings | Apache Style Configurations
CGI Context⇑
Description
A CGI context defines scripts in a particular directory as CGI scripts. This directory can be inside or outside of the document root. When a file under this directory is requested, the server will always try to execute it as a CGI script, no matter if it's executable or not. In this way, file content under a CGI Context is always protected and cannot be read as static content. It is recommended that you put all your CGI scripts in a directory and set up a CGI Context to access them.
URI⇑
Description
Specifies the URI for this context.
Syntax
The URI can be a plain URI (starting with "/") or a Perl compatible regular expression URI (starting with "exp:"). If a plain URI ends with a "/", then this context will include all sub-URIs under this URI. If the context maps to a directory on the file system, a trailing "/" must be added.
See Also
Path⇑
Description
Specifies the location of CGI scripts.
Syntax
The path can be a directory that contains a group of CGI scripts, like $VH_ROOT/myapp/cgi-bin/. In this case, the context URI must end with "/", like /app1/cgi/. The Path can also specify only one CGI script, like $VH_ROOT/myapp/myscript.pl. This script should have the corresponding URI /myapp/myscript.pl.
Header Operations⇑
Description
Specifies additional response/request headers to be added. Multiple header directives can be added with one directive per line. "NONE" can be used to disable parent header inheritance. If no directive is provided 'Header' is assumed.
Syntax
[Header]|RequestHeader [condition] set|append|merge|add|unset header [value] [early|env=[!]variable]
Example
append Cache-control no-store
Header set My-header cust_header_val
RequestHeader set My-req-header cust_req_header_val
Tips
Syntax and usage are similar to Apache's mod_headers directives for supported operations.
The 'Header' directive is is optional and can be excluded or left in when copying rules from elsewhere without issue.
Allow Set UID⇑
Description
Specifies whether the set UID bit is allowed for CGI scripts. If the set UID bit is allowed and the set UID bit is enabled for a CGI script, no matter which user the CGI script was started on behalf of, the user ID of the CGI process will switch to the user ID of the owner of the CGI script.
The default is "Off".
Syntax
Select from radio box
Tips
Do not allow Set UID CGI scripts whenever possible, as it is inherently a security risk.
Allow Override⇑
Description
Specifies what directives in an access control file are allowed. An access control file can be placed in a directory to control the accessibility of files under that directory.
- When nothing is checked, inherited default settings will be used.
- When None is checked, access control files will be ignored.
- When Limit is checked, directives "Allow", "Deny", and "Order" are allowed. <Limit> and <LimitExcept> directives are also allowed with limited support for GET, HEAD, and POST requests.
- When Auth is checked, directives "AuthGroupFile", "AuthName", "AuthType", "AuthUserFile", "Require", and "Satisfy" are allowed. <Limit> and <LimitExcept> directives are also allowed with limited support for GET, HEAD, and POST requests.
- When FileInfo is checked, directives "AddDefaultCharset", "AddType", "DefaultType", "ForceType", "Redirect", "RedirectPermanent", "RedirectTemp", "RewriteBase", "RewriteCond", "RewriteEngine", "RewriteOptions", and "RewriteRule" are allowed.
- When Indexes is checked, directives "DirectoryIndex", "ExpiresActive", "ExpiresByType", and "ExpiresDefault" are allowed.
- When Options is checked, directive "Options" is allowed.
Allow Override configuration is available at the Server, Virtual Host, and Context levels. If a configuration is unchecked at the Server level, those controlled directives will be disabled for the entire server regardless of settings at lower levels. Lower levels can disable a setting that is enabled at a higher level, but cannot enable a setting that is disabled at an upper level.
Default values:
Server level: "None" (ignore access control file)
VH level: Inherit Server level setting
Context level Inherit VH level setting
Syntax
Select from checkbox
Tips
If there is no need for directory level configuration customization, check None.
Realm⇑
Description
Specifies the authorization realm for this context. When specified, a valid username and password must be provided in order to access this context. Authorization Realms are set up in the Virtual Host Security section. This setting uses each realm's Realm Name.
Syntax
Select from drop down list
Authentication Name⇑
Description
Specifies an alternative name for the authorization realm for the current context. If not specified, the original realm name will be used. The authentication name is displayed on the browser's login pop-up.
Require (Authorized Users/Groups)⇑
Description
Specifies which user/group can access this context. This allows you to use one user/group database (specified in Realm) across a number of contexts, but only allow certain users/groups from that database to access this context.
Syntax
Syntax is compatible with Apache's Require directive. For example:
- user username [username ...]
Only listed users can access this context. - group groupid [groupid ...]
Only users belonging to the listed groups can access this context.
Access Allowed⇑
Description
Specifies which IPs or sub-networks are allowed to access resources under this context. Together with Access Denied and server/virtual host level access control, accessibility is determined by the smallest scope that a client's IP address falls into.
Syntax
Comma-delimited list of IPs/sub-networks.
Example
Access Denied⇑
Description
Specifies which IPs or sub-networks are NOT allowed to access resources under this context. Together with Access Allowed and server/virtual host-level access control, accessibility is determined by the smallest scope that a client's IP address falls into.
Syntax
Comma-delimited list of IPs/sub-networks.
Example
Authorizer⇑
Description
Specifies an external application that can be used to generate authorized/unauthorized decisions. Currently, only the FastCGI Authorizer is available. For more details about the FastCGI Authorizer role, please visit https://fastcgi-archives.github.io/ .
Syntax
Select from drop down list
Add Default Charset⇑
Description
Specifies whether to add a character set tag to the "Content-Type" response header, when content type is either "text/html" or "text/plain" without any parameters. When set to Off, this function is disabled. When set to On, either the character set specified by Customized Default Charset or the default "iso-8859-1" will be added.
Syntax
Select from radio box
Customized Default Charset⇑
Description
Specifies a character set to be used when Add Default Charset is On. This is optional. The default value is iso-8859-1. This entry has no effect when Add Default Charset is Off.
Syntax
Name of a character set.
Example
Enable Rewrite⇑
Description
Specifies whether to enable LiteSpeed's URL rewrite engine. This option can be customized at the virtual host or context level, and is inherited along the directory tree until it is explicitly overridden.
Syntax
Select from radio box
Rewrite Inherit⇑
Description
Specifies whether to inherit rewrite rules from parent contexts. If rewrite is enabled and not inherited, rewrite base and rewrite rules defined in this context will be used.
Syntax
Select from radio box
Rewrite Base⇑
Description
Specifies the base URL for rewrite rules.
Syntax
URL
Rewrite Rules⇑
Description
Specifies a list of rewrite rules at the virtual host level.
Do NOT add any document root level rewrite rules here. If you have any document root level rewrite rules from .htaccess, you should instead create a static context with uri "/" and add the rewrite rules there.
A rewrite rule is comprised of one RewriteRule directive and optionally preceded by multiple RewriteCond directives.
- Each directive should take only one line.
- RewriteCond and RewriteRule follow Apache's rewrite directive syntax. Just copy and paste rewrite directives from your Apache configuration files.
- There are minor differences between LiteSpeed and Apache mod_rewrite implementation:
- %\{LA-U:variable\} and %\{LA-F:variable\} are ignored by the LiteSpeed rewrite engine
- Two new server variables are added in the LiteSpeed rewrite engine: %\{CURRENT_URI\} represents the current URI being processed by the rewrite engine and %\{SCRIPT_NAME\} has the same meaning as the corresponding CGI environment variable.
- The LiteSpeed rewrite engine will stop processing rewrite rules after encountering an [L] flag to avoid looping while Apache mod_rewrite will stop processing rewrite rules for the current iteration only. This behavior is similar to that of the [END] flag in Apache mod_rewrite.
The implementation of LiteSpeed's rewrite engine follows Apache's rewrite engine specifications. For more details about rewrite rules, please refer to Apache's mod_rewrite document and Apache's URL rewriting guide .
Syntax
string
Cache Stale Age (seconds)⇑
Description
Specifies how long an object will continue to be served from cache after it has expired but before a new cached copy is available. The default is "10" seconds.
Syntax
Integer number
Publicly Cache All⇑
Description
Publicly cache all URLs served under the current context (virtual host, or context level).
Virtual hosts configured through Apache's httpd.conf can use the "CacheEnable" and "CacheDisable" directives at the server, virtual host, context, file, and location level or in .htaccess. "CacheEnable" and "CacheDisable" directives are compatible with Apache mod_cache directives. However, when used at the context, file, or location level, or in .htaccess, "CacheEnable" and "CacheDisable" will only be applied to directories below the current level. URL parameters will be ignored.
Syntax
Select from radio box
Tips
Disabled by default. Do not enabled this setting if you are using any LSCache plugins.
Cache Expire Time (seconds)⇑
Description
Specifies how long an object will be cached. The default is "86400" seconds (one day).
Syntax
Integer number
Micro Cache 5XX Response⇑
Description
Cache pages responding with HTTP status code 5xx (500, 503, etc) for 10 seconds when the cache response header indicates that the page is cacheable.
Default values:
Server level: Yes
VH level: Inherit Server level setting
Context-level Inherit VH level setting
Syntax
Select from radio box
Tips
Enabling this setting is useful for avoiding bad requests but can also act as some added DDoS protection.
Privately Cache All⇑
Description
Privately cache all URLs served under the current context (virtual host, or context level).
A separate cached copy will be made per user based on their IP and set cookies.
Virtual hosts configured through Apache's httpd.conf can use the "CacheEnable private /url" and "CacheDisable private /url" directives at server, virtual host, directory, file, and location levels or in a .htaccess file. "CacheEnable private" and "CacheDisable private" are compatible with Apache's mod_cache directives and will be applied to all directories below the current level. However, when used at the directory, file, or location level, or in a .htaccess file, "CacheEnable private" and "CacheDisable private" will only be applied to directories below the current level. URL parameters will be ignored.
Syntax
Select from radio box
Tips
Disabled by default. Do not enabled this setting if you are using any LSCache plugins.
Private Cache Expire Time (seconds)⇑
Description
Specifies how long an object will be cached in private cache. The default is "60" seconds.
Syntax
Integer number
Enable POST cache⇑
Description
Specifies if POST requests can be cached using the "x-litespeed-cache-control" header.
Default value: No
Syntax
Select from radio box
Enable GeoLocation Lookup⇑
Description
Enterprise Edition Only Specifies whether to enable/disable IP Geolocation lookup. Can be set at server, virtual host, or context level. IP Geolocation is disabled by default when using value "Not Set".
Syntax
Select from radio box
See Also
Enable PageSpeed Optimization⇑
Description
Choose whether or not to enable PageSpeed optimization.
Syntax
Select from radio box
Tips
This can be set at the Server Level and overridden at the Virtual Host and Context Levels. Context Level settings will override Virtual Host Level settings.
PageSpeed Settings⇑
Description
Set parameters using Google default filter sets.
Example
pagespeed FileCachePath /tmp/lshttpd/pagespeed;
pagespeed RewriteLevel CoreFilters;
Apache Style Configurations⇑
Description
Specifies Apache configuration directives (supported by LiteSpeed) that you want to use in LiteSpeed native configuration file. For example, to override the default PHP configurations (php.ini entries) the server will need four directives: "php_value", "php_flag", "php_admin_value" and "php_admin_flag".
Syntax
Same as Apache configuration file.