Search results

It's a shared hosting server, some people are using Cloudflare for their domains so connection looks like this: Client browser -> Cloudflare -> Our Litespeed server In that situation, client IP is visible in logs and not one belonging to Cloudflare, thanks to "Use Client IP in Header: Trusted...

Default limit is ok. This request was about separate limit for IPs that are being set from headers sent by trusted IPs (OnlyuseIpInProxyHeader=2 in httpd_config.xml or "Use Client IP in Header: Trusted IP" in web GUI). That's because people insist on using Cloudflare, and Cloudflare does not...

Usually those are shops with product list: ~20 .js, ~10 .css, ~77 images (icons, logos, products), fonts. Cloudflare just opens separate connection for every resource and all of them are fetched within a second. User IP is visible in domain logs (useIpInProxyHeader) and "bot detected for vhost...

We have made tests with clean browser, without plugins. When connecting directly, everything is fine, when domain is behind Cloudflare, Cloudflare makes over 100 separate connections which are assigned to single user IP (useIpInProxyHeader) and user is blocked due to perClientConnLimit->hardLimit.

Hi, When there is a Cloudflare in front of LiteSpeed for a domain and web page contains a lot of elements (images, css, js), user IPs are often blocked when perClientConnLimit->hardLimit is set, even to a high numbers, like 100 and useIpInProxyHeader is set to 2. Browser usually makes at most 6...

The following also does not work and allows all Options instead of only listed ones: AllowOverride Options=Indexes,IncludesNOEXEC,MultiViews The bad thing is that it allows +ExecCGI, and even "DisableCgiOverride On" does not stop user from enabling CGI in .htaccess. BTW, "DisableCgiOverride On"...

AllowOverrideList is not supported and AllowOverride is not enough because FileInfo contains mod_rewrite directives, which I do not want to block and some that I would like to block.