From 7e18b8688c61266566d7d401c845701888b08a32 Mon Sep 17 00:00:00 2001 From: "usman@cyberpersons.com" Date: Mon, 20 Mar 2023 23:36:57 +0500 Subject: [PATCH] add php8.1 to lsws config --- install/litespeed/httpd_config.xml | 954 +++++++++++++++-------------- 1 file changed, 500 insertions(+), 454 deletions(-) diff --git a/install/litespeed/httpd_config.xml b/install/litespeed/httpd_config.xml index c5cba010b..eadfa1bb2 100755 --- a/install/litespeed/httpd_config.xml +++ b/install/litespeed/httpd_config.xml @@ -1,457 +1,503 @@ - $HOSTNAME - nobody - nobody - 0 - / - 0 - 120M - /tmp/lshttpd/swap - 1 - 1 - 0 - /usr/local/lsws/conf/httpd.conf - 0 - 0 - 1 - 5 - $SERVER_ROOT/conf/mime.properties - 0 - 0 - 86400 - 1 - usman@cyberpersons.com - $SERVER_ROOT/admin/ - - - $SERVER_ROOT/logs/error.log - DEBUG - 0 - 10M - 1 - 1 - - - $SERVER_ROOT/logs/access.log - %h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" - 10M - 30 - 1 - - - index.html, index.php - - 0 - .htaccess - - - 1 - image/*=A604800, text/css=A604800, application/x-javascript=A604800, application/javascript=A604800 - - - best - 10000 - 10000 - 300 - 1000 - 0 - 5 - 0 - 0 - 8192 - 16380 - 500M - 8K - 500M - 4096 - 20M - 256K - 40M - 1 - 1 - 4 - 1 - 1 - 1 - text/*,application/x-javascript,application/javascript,application/xml, image/svg+xml - 1 - 6 - 1M - 300 - null - - - 1 - - - - 1 - 0 - 000 - 000 - - - 0 - 0 - 0 - 0 - 10000 - 10000 - 15 - 300 - - - 200 - 11 - 10 - 0 - 300 - 600 - 1450M - 1500M - 1400 - 1450 - - - 0 - 0 - deny,log,status:403 - 1 - /tmp - $SERVER_ROOT/logs/security_audit.log - - - XSS attack - log,deny,status:403,msg:'XSS attack' - 1 - - - - SQL injection - log,pass,msg:'SQL Injection attack' - 1 - #SQL generic -SecFilterSelective ARGS "drop[[:space:]]+(database|table|column|procedure)" -SecFilterSelective ARGS "delete[[:space:]]+from|create[[:space:]]+table|update.+set.+=|insert[[:space:]]+into.+values" -SecFilterSelective ARGS "select.+from|bulk[[:space:]]+insert|union.+select|alter[[:space:]]+table" -SecFilterSelective ARGS "or.+1[[:space:]]*=[[:space:]]1|or 1=1--'|'.+--" + $HOSTNAME + nobody + nobody + 0 + / + 0 + 120M + /tmp/lshttpd/swap + 1 + 1 + 0 + /usr/local/lsws/conf/httpd.conf + 0 + 0 + 1 + 5 + $SERVER_ROOT/conf/mime.properties + 0 + 0 + 86400 + 1 + usman@cyberpersons.com + $SERVER_ROOT/admin/ + + + $SERVER_ROOT/logs/error.log + DEBUG + 0 + 10M + 1 + 1 + + + $SERVER_ROOT/logs/access.log + %h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" + + 10M + 30 + 1 + + + index.html, index.php + + 0 + .htaccess + + + 1 + image/*=A604800, text/css=A604800, application/x-javascript=A604800, + application/javascript=A604800 + + + + best + 10000 + 10000 + 300 + 1000 + 0 + 5 + 0 + 0 + 8192 + 16380 + 500M + 8K + 500M + 4096 + 20M + 256K + 40M + 1 + 1 + 4 + 1 + 1 + 1 + text/*,application/x-javascript,application/javascript,application/xml, image/svg+xml + + 1 + 6 + 1M + 300 + null + + + 1 + + + + 1 + 0 + 000 + 000 + + + 0 + 0 + 0 + 0 + 10000 + 10000 + 15 + 300 + + + 200 + 11 + 10 + 0 + 300 + 600 + 1450M + 1500M + 1400 + 1450 + + + 0 + 0 + deny,log,status:403 + 1 + /tmp + $SERVER_ROOT/logs/security_audit.log + + + XSS attack + log,deny,status:403,msg:'XSS attack' + 1 + + + + SQL injection + log,pass,msg:'SQL Injection attack' + 1 + #SQL generic + SecFilterSelective ARGS "drop[[:space:]]+(database|table|column|procedure)" + SecFilterSelective ARGS "delete[[:space:]]+from|create[[:space:]]+table|update.+set.+=|insert[[:space:]]+into.+values" + SecFilterSelective ARGS "select.+from|bulk[[:space:]]+insert|union.+select|alter[[:space:]]+table" + SecFilterSelective ARGS "or.+1[[:space:]]*=[[:space:]]1|or 1=1--'|'.+--" -SecFilterSelective ARGS "into[[:space:]]+outfile|load[[:space:]]+data|/\*.+\*/" - - 1 - /bin/bwrap --ro-bind /usr /usr --ro-bind /lib /lib --ro-bind-try /lib64 /lib64 --ro-bind /bin /bin --ro-bind /sbin /sbin --dir /var --ro-bind-try /var/www /var/www --dir /tmp --proc /proc --symlink../tmp var/tmp --dev /dev --ro-bind-try /etc/localtime /etc/localtime --ro-bind-try /etc/ld.so.cache /etc/ld.so.cache --ro-bind-try /etc/resolv.conf /etc/resolv.conf --ro-bind-try /etc/ssl /etc/ssl --ro-bind-try /etc/pki /etc/pki --ro-bind-try /etc/man_db.conf /etc/man_db.conf --ro-bind-try /usr/local/bin/msmtp /etc/alternatives/mta --ro-bind-try /usr/local/bin/msmtp /usr/sbin/exim --bind-try $HOMEDIR $HOMEDIR --bind-try /var/lib/mysql/mysql.sock /var/lib/mysql/mysql.sock --bind-try /home/mysql/mysql.sock /home/mysql/mysql.sock --bind-try /tmp/mysql.sock /tmp/mysql.sock --bind-try /run/mysqld/mysqld.sock /run/mysqld/mysqld.sock --bind-try /var/run/mysqld/mysqld.sock /var/run/mysqld/mysqld.sock '$COPY-TRY /etc/exim.jail/$USER.conf $HOMEDIR/.msmtprc' --unshare-all --share-net --die-with-parent --dir /run/user/$UID ‘$PASSWD 65534’ ‘$GROUP 65534’ - - / - /etc/* - /dev/* - $SERVER_ROOT/conf/* - $SERVER_ROOT/admin/conf/* - - - ALL, 127.0.0.1T, 103.21.244.0/22T, 103.22.200.0/22T, 103.31.4.0/22T, 104.16.0.0/13T, 104.24.0.0/14T, 108.162.192.0/18T, 131.0.72.0/22T, 141.101.64.0/18T, 162.158.0.0/15T, 172.64.0.0/13T, 173.245.48.0/20T, 188.114.96.0/20T, 190.93.240.0/20T, 197.234.240.0/22T, 198.41.128.0/17T, 2400:cb00::/32T, 2405:8100::/32T, 2405:b500::/32T, 2606:4700::/32T, 2803:f800::/32T, 2a06:98c0::/29T, 2c0f:f248::/32T, 192.88.134.0/23T, 185.93.228.0/22, 66.248.200.0/22T, 208.109.0.0/22T, 2a02:fe80::/29T - - - - - lsapi - lsphp5 -
uds://tmp/lshttpd/lsphp5.sock
- 35 - PHP_LSAPI_CHILDREN=35 - 60 - 0 - 1 - 0 - 3 - $SERVER_ROOT/fcgi-bin/lsphp5 - 100 - 1 - 0 - 2047M - 2047M - 400 - 500 - - - lsapi - lsphp53 -
uds://tmp/lshttpd/lsphp53.sock
- 35 - PHP_LSAPI_CHILDREN=35 - 60 - 0 - 1 - 0 - 3 - $SERVER_ROOT/lsphp53/bin/lsphp - 100 - 1 - 0 - 2047M - 2047M - 400 - 500 - - - lsapi - lsphp54 -
uds://tmp/lshttpd/lsphp54.sock
- 35 - PHP_LSAPI_CHILDREN=35 - 60 - 0 - 1 - 0 - 3 - $SERVER_ROOT/lsphp54/bin/lsphp - 100 - 1 - 0 - 2047M - 2047M - 400 - 500 - - - lsapi - lsphp55 -
uds://tmp/lshttpd/lsphp55.sock
- 35 - PHP_LSAPI_CHILDREN=35 - 60 - 0 - 1 - 0 - 3 - $SERVER_ROOT/lsphp55/bin/lsphp - 100 - 1 - 0 - 2047M - 2047M - 400 - 500 - - - lsapi - lsphp56 -
uds://tmp/lshttpd/lsphp56.sock
- 35 - PHP_LSAPI_CHILDREN=35 - 60 - 0 - 1 - 0 - 3 - $SERVER_ROOT/lsphp56/bin/lsphp - 100 - 1 - 0 - 2047M - 2047M - 400 - 500 - - - lsapi - lsphp70 -
uds://tmp/lshttpd/lsphp70.sock
- 35 - PHP_LSAPI_CHILDREN=35 - 60 - 0 - 1 - 0 - 3 - $SERVER_ROOT/lsphp70/bin/lsphp - 100 - 1 - 0 - 2047M - 2047M - 400 - 500 - - - lsapi - lsphp71 -
uds://tmp/lshttpd/lsphp71.sock
- 35 - PHP_LSAPI_CHILDREN=35 - 60 - 0 - 1 - 0 - 3 - $SERVER_ROOT/lsphp71/bin/lsphp - 100 - 1 - 0 - 2047M - 2047M - 400 - 500 - - - lsapi - lsphp72 -
uds://tmp/lshttpd/lsphp72.sock
- 35 - PHP_LSAPI_CHILDREN=35 - 60 - 0 - 1 - 0 - 3 - $SERVER_ROOT/lsphp72/bin/lsphp - 100 - 1 - 0 - 2047M - 2047M - 400 - 500 - - - lsapi - lsphp73 -
uds://tmp/lshttpd/lsphp73.sock
- 35 - PHP_LSAPI_CHILDREN=35 - 60 - 0 - 1 - 0 - 3 - $SERVER_ROOT/lsphp73/bin/lsphp - 100 - 1 - 0 - 2047M - 2047M - 400 - 500 - - - lsapi - lsphp74 -
uds://tmp/lshttpd/lsphp74.sock
- 35 - PHP_LSAPI_CHILDREN=35 - 60 - 0 - 1 - 0 - 3 - $SERVER_ROOT/lsphp74/bin/lsphp - 100 - 1 - 0 - 2047M - 2047M - 400 - 500 - - - lsapi - lsphp80 -
uds://tmp/lshttpd/lsphp80.sock
- 35 - PHP_LSAPI_CHILDREN=35 - 60 - 0 - 1 - 0 - 3 - $SERVER_ROOT/lsphp80/bin/lsphp - 100 - 1 - 0 - 2047M - 2047M - 400 - 500 - - - - - php - lsapi - lsphp5 - - - php5 - lsapi - lsphp5 - - - php53 - lsapi - lsphp53 - - - php54 - lsapi - lsphp54 - - - php55 - lsapi - lsphp55 - - - php56 - lsapi - lsphp56 - - - php70 - lsapi - lsphp70 - - - php71 - lsapi - lsphp71 - - - php72 - lsapi - lsphp72 - - - php73 - lsapi - lsphp73 - - - php74 - lsapi - lsphp74 - - - php80 - lsapi - lsphp80 - - - - - - 1 - 5 - LSAPI_MAX_IDLE=60 - 180 - 0 - 60 - 0 - 50 - 1 - 3 - 2047M - 2047M - 400 - 500 - - + SecFilterSelective ARGS "into[[:space:]]+outfile|load[[:space:]]+data|/\*.+\*/" + + + 1 + /bin/bwrap --ro-bind /usr /usr --ro-bind /lib /lib --ro-bind-try /lib64 /lib64 --ro-bind /bin + /bin --ro-bind /sbin /sbin --dir /var --ro-bind-try /var/www /var/www --dir /tmp --proc /proc + --symlink../tmp var/tmp --dev /dev --ro-bind-try /etc/localtime /etc/localtime --ro-bind-try + /etc/ld.so.cache /etc/ld.so.cache --ro-bind-try /etc/resolv.conf /etc/resolv.conf --ro-bind-try /etc/ssl + /etc/ssl --ro-bind-try /etc/pki /etc/pki --ro-bind-try /etc/man_db.conf /etc/man_db.conf --ro-bind-try + /usr/local/bin/msmtp /etc/alternatives/mta --ro-bind-try /usr/local/bin/msmtp /usr/sbin/exim --bind-try + $HOMEDIR $HOMEDIR --bind-try /var/lib/mysql/mysql.sock /var/lib/mysql/mysql.sock --bind-try + /home/mysql/mysql.sock /home/mysql/mysql.sock --bind-try /tmp/mysql.sock /tmp/mysql.sock --bind-try + /run/mysqld/mysqld.sock /run/mysqld/mysqld.sock --bind-try /var/run/mysqld/mysqld.sock + /var/run/mysqld/mysqld.sock '$COPY-TRY /etc/exim.jail/$USER.conf $HOMEDIR/.msmtprc' --unshare-all + --share-net --die-with-parent --dir /run/user/$UID ‘$PASSWD 65534’ ‘$GROUP 65534’ + + + / + /etc/* + /dev/* + $SERVER_ROOT/conf/* + $SERVER_ROOT/admin/conf/* + + + ALL, 127.0.0.1T, 103.21.244.0/22T, 103.22.200.0/22T, 103.31.4.0/22T, 104.16.0.0/13T, 104.24.0.0/14T, + 108.162.192.0/18T, 131.0.72.0/22T, 141.101.64.0/18T, 162.158.0.0/15T, 172.64.0.0/13T, 173.245.48.0/20T, + 188.114.96.0/20T, 190.93.240.0/20T, 197.234.240.0/22T, 198.41.128.0/17T, 2400:cb00::/32T, + 2405:8100::/32T, 2405:b500::/32T, 2606:4700::/32T, 2803:f800::/32T, 2a06:98c0::/29T, 2c0f:f248::/32T, + 192.88.134.0/23T, 185.93.228.0/22, 66.248.200.0/22T, 208.109.0.0/22T, 2a02:fe80::/29T + + + + + + lsapi + lsphp5 +
uds://tmp/lshttpd/lsphp5.sock
+ 35 + PHP_LSAPI_CHILDREN=35 + 60 + 0 + 1 + 0 + 3 + $SERVER_ROOT/fcgi-bin/lsphp5 + 100 + 1 + 0 + 2047M + 2047M + 400 + 500 + + + lsapi + lsphp53 +
uds://tmp/lshttpd/lsphp53.sock
+ 35 + PHP_LSAPI_CHILDREN=35 + 60 + 0 + 1 + 0 + 3 + $SERVER_ROOT/lsphp53/bin/lsphp + 100 + 1 + 0 + 2047M + 2047M + 400 + 500 + + + lsapi + lsphp54 +
uds://tmp/lshttpd/lsphp54.sock
+ 35 + PHP_LSAPI_CHILDREN=35 + 60 + 0 + 1 + 0 + 3 + $SERVER_ROOT/lsphp54/bin/lsphp + 100 + 1 + 0 + 2047M + 2047M + 400 + 500 + + + lsapi + lsphp55 +
uds://tmp/lshttpd/lsphp55.sock
+ 35 + PHP_LSAPI_CHILDREN=35 + 60 + 0 + 1 + 0 + 3 + $SERVER_ROOT/lsphp55/bin/lsphp + 100 + 1 + 0 + 2047M + 2047M + 400 + 500 + + + lsapi + lsphp56 +
uds://tmp/lshttpd/lsphp56.sock
+ 35 + PHP_LSAPI_CHILDREN=35 + 60 + 0 + 1 + 0 + 3 + $SERVER_ROOT/lsphp56/bin/lsphp + 100 + 1 + 0 + 2047M + 2047M + 400 + 500 + + + lsapi + lsphp70 +
uds://tmp/lshttpd/lsphp70.sock
+ 35 + PHP_LSAPI_CHILDREN=35 + 60 + 0 + 1 + 0 + 3 + $SERVER_ROOT/lsphp70/bin/lsphp + 100 + 1 + 0 + 2047M + 2047M + 400 + 500 + + + lsapi + lsphp71 +
uds://tmp/lshttpd/lsphp71.sock
+ 35 + PHP_LSAPI_CHILDREN=35 + 60 + 0 + 1 + 0 + 3 + $SERVER_ROOT/lsphp71/bin/lsphp + 100 + 1 + 0 + 2047M + 2047M + 400 + 500 + + + lsapi + lsphp72 +
uds://tmp/lshttpd/lsphp72.sock
+ 35 + PHP_LSAPI_CHILDREN=35 + 60 + 0 + 1 + 0 + 3 + $SERVER_ROOT/lsphp72/bin/lsphp + 100 + 1 + 0 + 2047M + 2047M + 400 + 500 + + + lsapi + lsphp73 +
uds://tmp/lshttpd/lsphp73.sock
+ 35 + PHP_LSAPI_CHILDREN=35 + 60 + 0 + 1 + 0 + 3 + $SERVER_ROOT/lsphp73/bin/lsphp + 100 + 1 + 0 + 2047M + 2047M + 400 + 500 + + + lsapi + lsphp74 +
uds://tmp/lshttpd/lsphp74.sock
+ 35 + PHP_LSAPI_CHILDREN=35 + 60 + 0 + 1 + 0 + 3 + $SERVER_ROOT/lsphp74/bin/lsphp + 100 + 1 + 0 + 2047M + 2047M + 400 + 500 + + + lsapi + lsphp80 +
uds://tmp/lshttpd/lsphp80.sock
+ 35 + PHP_LSAPI_CHILDREN=35 + 60 + 0 + 1 + 0 + 3 + $SERVER_ROOT/lsphp80/bin/lsphp + 100 + 1 + 0 + 2047M + 2047M + 400 + 500 + + + lsapi + lsphp81 +
uds://tmp/lshttpd/lsphp81.sock
+ 35 + PHP_LSAPI_CHILDREN=35 + 60 + 0 + 1 + 0 + 3 + $SERVER_ROOT/lsphp81/bin/lsphp + 100 + 1 + 0 + 2047M + 2047M + 400 + 500 + + + + + php + lsapi + lsphp5 + + + php5 + lsapi + lsphp5 + + + php53 + lsapi + lsphp53 + + + php54 + lsapi + lsphp54 + + + php55 + lsapi + lsphp55 + + + php56 + lsapi + lsphp56 + + + php70 + lsapi + lsphp70 + + + php71 + lsapi + lsphp71 + + + php72 + lsapi + lsphp72 + + + php73 + lsapi + lsphp73 + + + php74 + lsapi + lsphp74 + + + php80 + lsapi + lsphp80 + + + php81 + lsapi + lsphp81 + + + + + + 1 + 5 + LSAPI_MAX_IDLE=60 + 180 + 0 + 60 + 0 + 50 + 1 + 3 + 2047M + 2047M + 400 + 500 + + \ No newline at end of file