OpenLiteSpeed 設定教學
安裝 OpenLiteSpeed
OpenLiteSpeed(OLS)提供多種安裝方式,包括從官方網站下載安裝包進行二進制安裝。本文主要介紹基本的 OLS 設定範例,適用於新伺服器的初始配置。我們假設你已經從官網下載並安裝了 OLS。
伺服器根目錄
OLS 的默認伺服器根目錄通常是 /usr/local/lsws。幾乎所有的默認文件都位於此目錄下。當然,對於新創建的虛擬主機,你可以使用 /home/user1/、/home/user2/ 等目錄作為虛擬主機根目錄。
主配置文件
主要的配置文件位於 /usr/local/lsws/conf/,其中最重要的是 httpd_config.conf。以下是此文件的內容範例:
httpdWorkers 1
user nobody
group nobody
priority 0
cpuAffinity 2
enableLVE 0
inMemBufSize 60M
swappingDir /tmp/lshttpd/swap
autoFix503 1
gracefulRestartTimeout 300
mime $SERVER_ROOT/conf/mime.properties
showVersionNumber 1
useIpInProxyHeader 0
adminEmails root@localhost
errorlog $SERVER_ROOT/logs/error.log {
logLevel DEBUG
debugLevel 10
rollingSize 10M
enableStderrLog 1
}
accesslog $SERVER_ROOT/logs/access.log {
rollingSize 10M
keepDays 30
compressArchive 0
}
indexFiles index.html, index.php
expires {
enableExpires 1
expiresByType image/*=A604800, text/css=A604800, application/x-javascript=A604800
}
autoLoadHtaccess 1
tuning {
maxConnections 2000
maxSSLConnections 1000
connTimeout 300
maxKeepAliveReq 1000
smartKeepAlive 0
keepAliveTimeout 5
sndBufSize 0
rcvBufSize 0
maxReqURLLen 8192
maxReqHeaderSize 16380
maxReqBodySize 2047M
maxDynRespHeaderSize 8192
maxDynRespSize 2047M
maxCachedFileSize 4096
totalInMemCacheSize 20M
maxMMapFileSize 256K
totalMMapCacheSize 40M
useSendfile 1
fileETag 28
enableGzipCompress 1
compressibleTypes text/*,application/x-javascript,application/javascript,application/xml, image/svg+xml
enableDynGzipCompress 1
gzipCompressLevel 6
gzipAutoUpdateStatic 1
gzipStaticCompressLevel 6
gzipMaxFileSize 10M
gzipMinFileSize 300
}
fileAccessControl {
followSymbolLink 1
checkSymbolLink 0
requiredPermissionMask 000
restrictedPermissionMask 000
}
perClientConnLimit {
staticReqPerSec 0
dynReqPerSec 0
outBandwidth 0
inBandwidth 0
softLimit 10000
hardLimit 10000
gracePeriod 15
banPeriod 300
}
CGIRLimit {
maxCGIInstances 20
minUID 11
minGID 10
priority 0
CPUSoftLimit 10
CPUHardLimit 50
memSoftLimit 1460M
memHardLimit 1470M
procSoftLimit 400
procHardLimit 450
}
accessDenyDir {
dir /
dir /etc/*
dir /dev/*
dir $SERVER_ROOT/conf/*
dir $SERVER_ROOT/admin/conf/*
}
accessControl {
allow ALL
}
extprocessor lsphp {
type lsapi
address uds://tmp/lshttpd/lsphp.sock
maxConns 35
env PHP_LSAPI_MAX_REQUESTS=50
env PHP_LSAPI_CHILDREN=35
initTimeout 60
retryTimeout 0
persistConn 1
respBuffer 0
autoStart 2
path $SERVER_ROOT/fcgi-bin/lsphpnew
backlog 100
instances 1
runOnStartUp 3
priority 0
memSoftLimit 2047M
memHardLimit 2047M
procSoftLimit 400
procHardLimit 500
}
scripthandler {
add lsapi:lsphp php
}
railsDefaults {
maxConns 5
env LSAPI_MAX_IDLE=60
initTimeout 60
retryTimeout 0
pcKeepAliveTimeout 60
respBuffer 0
backlog 50
runOnStartUp 1
extMaxIdleTime 300
priority 3
memSoftLimit 2047M
memHardLimit 2047M
procSoftLimit 500
procHardLimit 600
}
module cache {
checkPrivateCache 1
checkPublicCache 1
maxCacheObjSize 10000000
maxStaleAge 200
qsCache 1
reqCookieCache 1
respCookieCache 1
ignoreReqCacheCtrl 1
ignoreRespCacheCtrl 0
enableCache 0
expireInSeconds 3600
enablePrivateCache 0
privateExpireInSeconds 3600
ls_enabled 1
}
module mod_security {
modsecurity on|off
modsecurity_rules `
SecRuleEngine On
SecRule ARGS "@streq whee" "id:10,phase:2"
SecRule ARGS "@streq whee" "id:11,phase:2"
`
modsecurity_rules_file /rule/file/path
modsecurity_rules_remote key uri
}
virtualhost Example {
vhRoot /var/www/html/Example/
configFile $SERVER_ROOT/conf/vhosts/Example/vhconf.conf
allowSymbolLink 1
enableScript 1
restrained 1
setUIDMode 0
}
listener Default {
address *:80
secure 0
map Example *
}
listener Defaultssl {
address *:443
secure 1
keyFile /usr/local/lsws/conf/example.key
certFile /usr/local/lsws/conf/example.crt
map Example *
}
虛擬主機配置文件
在 /usr/local/lsws/conf/vhosts/ 目錄下,每個虛擬主機都有一個配置文件。以下是 /usr/local/lsws/conf/vhosts/Example/vhconf.conf 的範例內容:
docRoot $VH_ROOT/html/
enableGzip 1
errorlog $VH_ROOT/logs/error.log {
useServer 1
logLevel DEBUG
rollingSize 10M
}
accesslog $VH_ROOT/logs/access.log {
useServer 0
rollingSize 10M
keepDays 30
compressArchive 0
}
index {
useServer 0
indexFiles index.html
autoIndex 0
autoIndexURI /_autoindex/default.php
}
errorpage 404 {
url /error404.html
}
scripthandler {
add lsapi:lsphp-example php
}
expires {
enableExpires 1
}
accessControl {
allow *
}
realm SampleProtectedArea {
userDB {
location conf/vhosts/Example/htpasswd
maxCacheSize 200
cacheTimeout 60
}
groupDB {
location conf/vhosts/Example/htgroup
maxCacheSize 200
cacheTimeout 60
}
}
extprocessor lsphp-example {
type lsapi
address uds://tmp/lshttpd/lsphp-example.sock
maxConns 35
env PHP_LSAPI_MAX_REQUESTS=5000
env PHP_LSAPI_CHILDREN=35
initTimeout 60
retryTimeout 0
persistConn 1
respBuffer 0
autoStart 2
path /usr/local/lsws/lsphp73/bin/lsphp
backlog 100
instances 1
extUser john
extGroup john
runOnStartUp 3
priority 0
memSoftLimit 2047M
memHardLimit 2047M
procSoftLimit 400
procHardLimit 500
}
context /docs/ {
location $SERVER_ROOT/docs/
allowBrowse 1
}
context /protected/ {
location protected/
allowBrowse 1
realm SampleProtectedArea
authName Protected
required user test
accessControl {
allow *
}
}
context /blocked/ {
allowBrowse 0
}
context /cgi-bin/ {
type cgi
location $VH_ROOT/cgi-bin/
}
rewrite {
enable 1
autoLoadHtaccess 1
logLevel 9
}
編輯配置文件
最簡單的方式是透過 WebAdmin Console 進行配置。WebAdmin Console 使得配置過程更加直觀,適合初學者。當然,如果你熟悉 OLS 的語法,也可以直接使用文本編輯器如 vi 來編輯配置文件。記得在修改配置文件後重啟 OLS。
包含文件
在主配置文件 httpd_config.conf 中,可以定義虛擬主機配置文件的位置。技術上,你可以在配置中使用包含文件,但目前 WebAdmin Console 尚不支持此功能。如果你要使用包含文件,需使用文本編輯器手動編輯。例如:
include $SERVER_ROOT/conf/l1/*/*.conf
這將會包含 $SERVER_ROOT/conf/l1 目錄下的所有 .conf 文件,但不包括子目錄中的文件。
透過此完整教學,希望你能夠成功配置 OpenLiteSpeed 伺服器。如果有任何問題,可以參考官方文件或尋求社群支援。