Read More

Virtual Host General

Table of Contents

General

Document Root | Administrator Email | Enable Compression | Enable GeoLocation Lookup | cgroups

Virtual Host Log

Use Server's Log | File Name | Log Level | Rolling Size (bytes) | Keep Days | Compress Archive

Access Log

Log Control | File Name | Piped Logger | Log Format | Log Headers | Rolling Size (bytes) | Keep Days | Compress Archive | Bytes Log

Index Files

Use Server Index Files | Index Files | Auto Index | Auto Index URI

Customized Error Pages

Error Code | URL

Script Handler Definition

Suffix | Handler Type | Handler Name

HT Access

Allow Override | Access File Name

Expire Settings

Enable Expires | Expires Default | Expires By Type

Apache Style Configuration

Apache Style Configurations

Web Socket Proxy

URI | Address

Document Root

Description

Specifies the document root for this virtual host. $VH_ROOT/html is recommended. This directory is referred to as $DOC_ROOT in contexts.

Syntax

A path which can be absolute, relative to $SERVER_ROOT, or relative to $VH_ROOT.

Administrator Email

Description

Specifies email address(es) of the administrator(s) of this virtual host.

Syntax

Comma separated list of email addresses

Enable Compression

Description

Specifies whether to enable GZIP/Brotli compression for this virtual host. This setting is only effective when compression is enabled at the server level. Compression settings are configured at the server level (Tuning > GZIP/Brotli Compression).

Syntax

Select from radio box

See Also

Enable Compression, Brotli Compression Level (Dynamic Content)

Enable GeoLocation Lookup

Description

Enterprise Edition Only Specifies whether to enable/disable IP Geolocation lookup. Can be set at server, virtual host, or context level. IP Geolocation is disabled by default when using value "Not Set".

Syntax

Select from radio box

See Also

Use Client IP in Header, DB File Path,

cgroups

Description

Apply cgroup settings to this CGI process if supported by the current OS. At this time, RedHat/Centos Linux v7.5+ and Ubuntu 18.04+ are supported. The currently executing user will be used to determine which cgroup configuration to apply.

Setting this to Disabled at the Server level will disable this setting server-wide. In all other cases, the Server level setting can be overridden at the Virtual Host level.

Default values:
Server level: Off
VH level: Inherit Server level setting

Syntax

Select from drop down list

Use Server's Log

Description

Specifies whether to put log messages from this virtual host into the server log file instead of creating its own log file.

Syntax

Select from radio box

File Name

Description

Specifies the path for the log file.

Syntax

Filename which can be an absolute path or a relative path to $SERVER_ROOT, $VH_ROOT.

Tips

Place the log file on a separate disk.

Log Level

Description

Specifies the level of logging. Available levels (from high to low) are ERROR, WARNING, NOTICE, INFO, and DEBUG. Only messages with a level higher than or equal to the current setting will be logged. If you want to set it to DEBUG, you must set the server log level to DEBUG as well. The level of debugging is controlled solely at the server level by Debug Level.

Syntax

Select from drop down list

Tips

Unless Debug Level is set to a level other than NONE, DEBUG log level does not have any performance impact and is recommended.

See Also

Debug Level

Rolling Size (bytes)

Description

Specifies when the current log file needs to be rolled over, also known as log rotation. When the file size is over the rollover limit, the active log file will be renamed to log_name.mm_dd_yyyy(.sequence) in the same directory and a new active log file will be created. The actual size of the rotated log file once it is created will sometimes be a little bigger than this size limit. Set to 0 to disable log rotation.

Syntax

Integer number

Tips

Append "K", "M", "G" to the number for kilo-, mega- and giga- bytes.

Keep Days

Description

Specifies how many days the access log file will be kept on disk. Only rotated log files older than the specified number of days will be deleted. The current log file will not be touched regardless how many days worth of data it contains. If you do not want to auto-delete stale and very old log files, set this to 0.

Syntax

Integer number

Compress Archive

Description

Specifies whether to compress rotated log files in order to save disk space.

Syntax

Select from radio box

Tips

Log files are highly compressible and this is recommended to reduce disk usage for old logs.

Log Control

Description

Where the access log should be written. There are three options:

  1. Write to the server's access log
  2. Create an access log for this virtual host
  3. Disable access logging

Syntax

Select from drop down list

File Name

Description

The access log filename.

Syntax

Filename which can be an absolute path or a relative path to $SERVER_ROOT, $VH_ROOT.

Tips

Put access log file on a separate disk.

Piped Logger

Description

Specifies the external application that will receive the access log data sent by LiteSpeed through a pipe on its STDIN stream (file handle is 0). When this field is specified, the access log will be sent only to the logger application and not the access log file specified in previous entry.

The logger application must be defined in External Apps section first. Server-level access logging can only use an external logger application defined at the server level. Virtual host-level access logging can only use a logger application defined at the virtual host level.

The logger process is spawned in the same way as other external (CGI/FastCGI/LSAPI) processes. This means it will execute as the user ID specified in the virtual host's External App Set UID Mode settings and will never run on behalf of a privileged user.

LiteSpeed web server performs simple load balancing among multiple logger applications if more than one instance of a logger application is configured. LiteSpeed server always attempts to keep the number of logger applications as low as possible. Only when one logger application fails to process access log entries in time will the server attempt to spawn another instance of the logger application.

If a logger crashes, the web server will start another instance but the log data in the stream buffer will be lost. It is possible to lose log data if external loggers cannot keep up with the speed and volume of the log stream.

Syntax

Select from drop down list

Log Format

Description

Enterprise Edition Only Specifies the log format for the access log. When log format is set, it will override the Log Headers setting.

Syntax

String. The syntax of log format is compatible with Apache 2.0's custom log format.

Example

Common Log Format (CLF)
"%h %l %u %t \"%r\" %>s %b"

Common Log Format with Virtual Host
"%v %h %l %u %t \"%r\" %>s %b"

NCSA extended/combined log format
"%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-agent}i\"

Log cookie value of Foobar
"%{Foobar}C"

See Also

Log Headers

Log Headers

Description

Specifies whether to log HTTP request headers: Referer, UserAgent, and Host.

Syntax

Select from checkbox

Tips

Turn this off if you do not need these headers in the access log.

See Also

Log Format

Bytes Log

Description

Specifies the path to the bandwidth bytes log file. When specified, a cPanel compatible bandwidth log will be created. This will log the total bytes transferred for a request including both the request and reply bodies.

Syntax

Filename which can be an absolute path or a relative path to $SERVER_ROOT.

Tips

Put the log file on a separate disk.

Use Server Index Files

Description

Specifies whether to use the server's index file settings. If set to Yes, only the server's settings will be used. If set to No, the server's settings will not be used. If set to Addition, additional index files can be added to server's index file list for this virtual host. If you want to disable index files for this virtual host, you can set the value to No and leave the index files field empty.

Syntax

Select from drop down list

Index Files

Description

Specifies names of index files that will be searched sequentially when a URL is mapped to a directory. You can customize it at the server, virtual host, and context level.

Syntax

Comma-delimited list of index filenames.

Tips

Only set index files that you need.

Auto Index

Description

Specifies whether to generate a directory index on the fly when index files listed in Index Files are not available in a directory. This option is customizable at the virtual host and context level, and is inherited along the directory tree until it is explicitly overridden. You can customize the generated index page. Please check online wiki How-tos.

Syntax

Select from radio box

Tips

It is recommended to turn off Auto Index wherever possible to prevent revealing confidential data.

See Also

Index Files, Auto Index URI

Auto Index URI

Description

Specifies the URI that will be used to generate the index page when index files listed in Index Files are not available in a directory. LiteSpeed web server uses an external script to generate the index page providing the maximum customization flexibility. The default script produces an index page with same look as Apache's. To customize the generated index page, please read online wiki How-tos. The directory to be indexed is passed to the script via an environment variable "LS_AI_PATH".

Syntax

URI

See Also

Index Files, Auto Index

Customized Error Pages

Description

Whenever the server has a problem processing a request, the server will return an error code and an html page as an error message to the web client. Error codes are defined in the HTTP protocol (see RFC 2616). LiteSpeed web server has a built-in default error page for each error code, but a customized page can be configured for each error code as well. These error pages can be even further customized to be unique for each virtual host.

Error Code

Description

Specifies the HTTP status code for the error page. Only the selected HTTP status code will have this customized error page.

Syntax

Select from drop down list

URL

Description

Specifies the URL of the customized error page. The server will forward the request to this URL when the corresponding HTTP status code has returned. If this URL refers to a non-existing resource, the built-in error page will be used. The URL can be a static file, a dynamically generated page, or a page on another web site (a URL starting with "http(s)://"). When referring to a page on another web site, the client will receive a redirect status code instead of the original status code.

Syntax

URL

Suffix

Description

Specifies the script file suffixes that will be handled by this script handler. Suffixes must be unique.

Syntax

Comma delimited list with period "." character prohibited.

Tips

The server will automatically add a special MIME type ("application/x-httpd-[suffix]") for the first suffix in the list. For example, MIME type "application/x-httpd-php53" will be added for suffix "php53". Suffixes after the first need to set up in the MIME Settings settings.
Though we list suffixes in this field, the script handlers use MIME types, not suffixes, to decide which scripts to handle. You can thus use the Apache configuration directives "AddType" and "ForceType" (which control file MIME types) in .htaccess files to change which script handler certain files will use. For example, with the directive AddType application/x-httpd-php53 .php in a properly placed .htaccess file, you can stipulate that php files in this directory have the MIME type "application/x-httpd-php53" and thus will be handled by the script handler that uses MIME type "application/x-httpd-php53" (suffix "php53"). This then allows you to assign different script handlers, not only for different file suffixes, but also based on the locations of files.
Only specify the suffixes you really need.

Handler Type

Description

Specifies the type of external application that processes these script files. Available types are: CGI, FastCGI, Web Server, LSAPI app, Load balancer, or Servlet Engine. For FastCGI, Web Server and Servlet Engine, a Handler Name needs to be specified. This is an external application name as predefined in the External Apps section.

Syntax

Select from drop down list

Handler Name

Description

Specifies the name of the external application that processes the script files when the handler type is FastCGI, Web Server, LSAPI, Load Balancer, or Servlet Engine.

Syntax

Select from drop down list

HT Access

Description

The following directives are supported in a directory level access control file (.htaccess file).

  • Authentication
    • AuthGroupFile
    • AuthName
    • AuthType
    • AuthUserFile
    • Require
    • Satisfy
    • <Limit> (GET, HEAD, POST only)
    • <LimitExcept> (GET, HEAD, POST only)
  • Access Control
    • Allow
    • Deny
    • Order
    • <Limit> (GET, HEAD, POST only)
    • <LimitExcept> (GET, HEAD, POST only)
  • File Info
    • AddDefaultCharset
    • AddType
    • DefaultType
    • ForceType
    • Redirect
    • RedirectPermanent
    • RedirectTemp
    • RewriteBase
    • RewriteCond
    • RewriteEngine
    • RewriteOptions
    • RewriteRule
  • Other
    • DirectoryIndex
    • ExpiresActive
    • ExpiresByType
    • ExpiresDefault
    • Options

Allow Override

Description

Specifies what directives in an access control file are allowed. An access control file can be placed in a directory to control the accessibility of files under that directory.

  • When nothing is checked, inherited default settings will be used.
  • When None is checked, access control files will be ignored.
  • When Limit is checked, directives "Allow", "Deny", and "Order" are allowed. <Limit> and <LimitExcept> directives are also allowed with limited support for GET, HEAD, and POST requests.
  • When Auth is checked, directives "AuthGroupFile", "AuthName", "AuthType", "AuthUserFile", "Require", and "Satisfy" are allowed. <Limit> and <LimitExcept> directives are also allowed with limited support for GET, HEAD, and POST requests.
  • When FileInfo is checked, directives "AddDefaultCharset", "AddType", "DefaultType", "ForceType", "Redirect", "RedirectPermanent", "RedirectTemp", "RewriteBase", "RewriteCond", "RewriteEngine", "RewriteOptions", and "RewriteRule" are allowed.
  • When Indexes is checked, directives "DirectoryIndex", "ExpiresActive", "ExpiresByType", and "ExpiresDefault" are allowed.
  • When Options is checked, directive "Options" is allowed.

Allow Override configuration is available at the Server, Virtual Host, and Context levels. If a configuration is unchecked at the Server level, those controlled directives will be disabled for the entire server regardless of settings at lower levels. Lower levels can disable a setting that is enabled at a higher level, but cannot enable a setting that is disabled at an upper level.

Default values:
Server level: "None" (ignore access control file)
VH level: Inherit Server level setting
Context level Inherit VH level setting

Syntax

Select from checkbox

Tips

If there is no need for directory level configuration customization, check None.

Access File Name

Description

Specifies the name of access control files. These files will be used only if Allow Override is enabled. Default name is .htaccess. You can configure this at server level and virtual host level. Server level is the default setting, and you can override it at virtual host level.

Syntax

Filename starting with "."

See Also

Allow Override

Enable Expires

Description

Specifies whether to generate an Expires header for static files. If enabled, an Expires header will be generated based on Expires Default and Expires By Type.

This can be set at server, virtual host and context level. Lower level settings will override higher level ones, i.e. context settings will override virtual host settings and virtual host settings will override server settings.

Syntax

Select from radio box

Expires Default

Description

Specifies default settings for Expires header generation. This setting takes effect when Enable Expires is set to "Yes". It can be overridden by Expires By Type. Do not set this default at the server or virtual host level unless you have to, since it will generate Expires headers for all pages. Most of time this should be set at the context level for certain directories that do not change often. If there is no default setting, no Expires header will be generated for types not specified in Expires By Type.

Syntax

A|Mseconds
The file will expire after base time(A|M) plus specified seconds. Base time "A" sets the value to the client's access time and "M" to the file's last modified time.

Expires By Type

Description

Specifies Expires header settings for individual MIME types.

Syntax

Comma delimited list of "MIME-type=A|Mseconds". The file will expire after base time (A|M) plus specified seconds.

Base time "A" sets the value to the client's access time and "M" to the file's last modified time. MIME-type accepts wildcard "*", like image/*.

Apache Style Configurations

Description

Specifies Apache configuration directives (supported by LiteSpeed) that you want to use in LiteSpeed native configuration file. For example, to override the default PHP configurations (php.ini entries) the server will need four directives: "php_value", "php_flag", "php_admin_value" and "php_admin_flag".

Syntax

Same as Apache configuration file.

URI

Description

Specifies the URI(s) that will use this WebSocket backend. Traffic to this URI will only be forwarded to the WebSocket backend when it contains a WebSocket upgrade request.

Traffic without this upgrade request will automatically be forwarded to the Context that this URI belongs to. If no Context exists for this URI, LSWS will treat this traffic as though it is accessing a static context with the location $DOC_ROOT/URI.

Syntax

A plain URI (starting with "/"). If the URI ends with a "/", then this WebSocket backend will include all sub-URIs under this URI.

Example

Using the WebSocket proxy in conjunction with a Context allows you to serve different kinds of traffic in different ways on the same page, thus optimizing performance. You can send WebSocket traffic to the WebSocket backend, while setting up a static context so that LSWS can serve the page's static content, or an LSAPI context so LSWS will serve PHP content (both of which LSWS does more efficiently than the WebSocket backend).

Address

Description

A unique socket address used by the WebSocket backend. IPv4 sockets, IPv6 sockets, and Unix Domain Sockets (UDS) are supported. IPv4 and IPv6 sockets can be used for communication over the network. UDS can only be used when the WebSocket backend resides on the same machine as the server.

Syntax

IPv4/IPv6 address:port, UDS://path, or unix:path

Example

127.0.0.1:5434
UDS://tmp/lshttpd/php.sock
unix:/tmp/lshttpd/php.sock

Tips

If the WebSocket backend runs on the same machine, UDS is preferred. If you have to use an IPv4 or IPv6 socket, set the IP address to localhost or 127.0.0.1, so the WebSocket backend is inaccessible from other machines.
Unix Domain Sockets generally provide higher performance than IPv4 or IPv6 sockets.

Privacy Policy

Privacy Policy

LiteSpeed Technologies, Inc. (aka “LiteSpeed”) is committed to protecting your privacy. This policy ("Privacy Policy" or "Policy") explains our practices for our site, www.litespeedtech.com ("Site"). You can visit most pages of the Site without giving us any information about yourself, but sometimes we do need information to provide services that you request. By using this Site or any products or services provided through the Site, you expressly consent to the use and disclosure of information as described in this Privacy Policy.

LiteSpeed reserves the right to revise, modify, add, or remove provisions to this Privacy Policy at any time. If we make changes to this Privacy Policy, we will update the Effective Date to note the date of such changes. LiteSpeed encourages you to review this Privacy Policy periodically for any changes. IF YOU DO NOT AGREE WITH ANY OF THE TERMS BELOW, YOU SHOULD NOT USE THIS SITE OR THE PRODUCTS OR SERVICES OFFERED BY LITESPEED TECHNOLOGIES AT THIS SITE.

Collection of Information

Personal Information.

LiteSpeed will ask you for certain “Personal Information” when you complete registration or product information request forms on the Site, including but not limited to your name, address, telephone number, email address, and credit card information. You can always choose not to provide us with the requested information, however, you may not be able to complete the transaction or use our products or services if you do not provide the information requested.

Non-Personal Information.

LiteSpeed may collect non-personally identifiable information from you such as the type of browser you use, your operating system, the screen resolution of your browser, your ISP, your IP address, which pages you view on the Site and the time and duration of your visits to the Site (collectively, “Non-Personal Information”). LiteSpeed may associate Non-Personal Information with Personal Information if you register with the Site.

User Communications.

If you communicate with us, we may collect information relating to that communication whether it takes the form of email, fax, letter, forum posting, blog comments, testimonials or any other form of communication between you and LiteSpeed or Submitted by you to the Site (collectively, “User Communications”).

Server Information.

If you use one of our software products such as LiteSpeed Web Server or LiteSpeed Web ADC, we may collect certain information concerning such software and concerning the server upon which the software operates. This information includes: (a) the licensed or unlicensed status of the software; (b) the source from which the license for the software was obtained (i.e., LiteSpeed or a LiteSpeed affiliate); or (c) information about the server upon which the software is installed including (i) the public IP address, (ii) the operating system and (iii) the use of any virtualization technologies on such server ((a) through (c) collectively, “Server Information”). Additionally, “Server Information” may also include information collected from you by LiteSpeed in the event that you request technical support services including without limitation, IP addresses, usernames, and passwords necessary to login to SSH, the root directory of the server upon which you installed the LiteSpeed software and any affected accounts including email accounts, control panel accounts, MySQL accounts, CMS accounts and other accounts.

Use and Storage of Collected Information

LiteSpeed may use Personal Information to create and authenticate your account, to respond to your requests, to provide you with customer and technical support, or to provide you with information regarding our products, services, partners, and company. You may update your Personal Information with us at any time, but we may maintain records of any Personal Information you disclose to us indefinitely, unless otherwise requested as outlined below.

We may use User Communications in the same ways we use Personal Information. If you communicate with us for a particular purpose, we may use your User Communications for that purpose. For example, if you contact us for technical support, we may use your communications to provide technical support to you. We may maintain records of User Communications you transmit to us indefinitely, unless otherwise requested as outlined below.

LiteSpeed may use Non-Personal Information to maintain, evaluate, improve and provide our Site, the Services and any other LiteSpeed products and services. We may retain Non-Personal Information indefinitely.

We may use Server Information to provide you with technical support services and to maintain, evaluate, improve and provide LiteSpeed products and services. We may also use such information to investigate unlicensed (and therefore unauthorized) uses of our software. LiteSpeed may maintain Server Information indefinitely, with the exception of usernames, passwords, and other login information given in connection with support service requests. Such login information will be purged when the ticket is closed.

Disclosure of Collected Information

LiteSpeed will only disclose Personal Information to third parties if acting under a good faith belief that such action is necessary, including but not limited to: (a) to resolve disputes, investigate problems, or comply with laws or regulations; (b) to enforce our Terms of Service; (c) to protect and defend the rights, property, or safety of our company or our users; or (d) in the event of a merger, acquisition or sale of all or substantially all LiteSpeed assets. Other than this limited activity, we do not share, sell, or rent any personal information to third parties.

You will receive notice in the form of modifications to this Policy when information about you might go to third parties other than as described in this Policy, and you always have the opportunity to contact us as set forth below if you do not wish your information to go to third parties.

LiteSpeed cannot be responsible for protecting your information if you share such information in publicly available sections of the Site such as the user forums, blog comments, or testimonials section. You should use your own judgment in disclosing this information on the Site.

Use of Cookies

“Cookies” are small pieces of information that your browser stores on your computer on behalf of a website that you have visited. Cookies may be used in order to complete transactions on our site. You can always choose not to accept cookies with the settings of your web browser, however, you may not be able to complete these transactions if you do not accept cookies.

Security of Personal Information

We use reasonable security methods to protect your personal information from unauthorized access, use or disclosure. No data transmission over the Internet or any wireless network can be guaranteed to be perfectly secure. While we try to protect your personal information, we cannot guarantee the security of any information you transmit to us, and you do so at your own risk.

LiteSpeed uses industry-standard SSL-encryption to protect sensitive data.

In the event that LiteSpeed becomes aware of a security breach, unauthorized disclosure or inadvertent disclosure concerning your information, you agree that LiteSpeed may notify you of such an event using the Personal Information previously provided.

You are responsible for maintaining your account’s security.

GDPR Notice and your Rights as Data Subject

For the purposes of the General Data Protection Regulation (the “GDPR”), in the European Union, LiteSpeed Technologies Inc. is a “data controller” of the Personal Information you provide to us for the primary purposes of providing you or your customers with our services.

For our customers and users in the European Union, by clicking the "I Accept" button or otherwise accepting the terms and conditions of our services through a clickable action or similar action, you hereby acknowledge, agree and unequivocally consent to the collection, processing, management, treatment, transfer and authorization of your Personal Information by LiteSpeed Technologies and/or its affiliates, clients, sub-processors and/or authorized third parties.

If you are a resident of Switzerland, the contact details for the data protection authorities are available here:
https://www.edoeb.admin.ch/edoeb/en/home.html.

For European Union (EU) customers, please be reminded that the EU has not found the United States and some other countries to have an adequate level of protection of Personal Information under Article 45 of the GDPR.

The sections here below cover certain situations that you, as data subject, and we as a data controller, are most likely to encounter; but you should also carefully review the full list of data subject rights here: https://www.gdpr-info.eu/chapter-3/.

  • Right to be Forgotten: You can request us to be “forgotten”; that is, to have your entire Personal Information removed from our service. If we are asked to do this, in accordance with Article 17 GDPR we will remove any Personal Information that we have collected from you as requester. We will also need to contact any third parties that process your Personal Information on our behalf, such as our cloud service providers using the adequate mechanisms. To ensure that any personal data in LiteSpeed Technologies’ possession can be removed in a timely manner, you can relay any request to be “forgotten” to us by submitting a request.
  • Right to Data Portability: In accordance with Article 20 GDPR our users located in the EU may request LiteSpeed Technologies to send them any Personal Information in our possession. In this case, we will provide you with any Personal Information that you have in a commonly used, machine-readable format.
  • Right to Data Access: As a data subject, in accordance with Article 15 GDPR you can ask LiteSpeed Technologies to confirm how and where your Personal Information is being stored and processed. You also have the right to know how such data is shared with third parties by us.
  • Right to Data Rectification: As a data subject, in accordance with Article 16 GDPR you have the right to obtain from LiteSpeed Technologies, without undue delay, the rectification of inaccurate Personal Information concerning you.
  • Right to be Informed: You have the right to be informed about the Personal Information we collect from you, and how we process it.
  • Right to Withdraw Consent: In accordance with Article 7(3) GDPR, you have the right to withdraw your consent given to us at any time.
  • Right to Object: In accordance with Article 18 GDPR you have the right to object to us processing your Personal Information for the following reasons:
    • Processing was not based on legitimate interests or the performance of a task in the public interest/exercise of official authority (including profiling);
    • Direct marketing (including profiling);
    • Processing for purposes of scientific/historical research and statistics; and
    • Rights in relation to automated decision-making and profiling.
  • Automated Individual Decision-Making and Profiling: You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.
  • Right to Complain: You have the right to file a complaint with supervisory authorities if your information has not been processed in compliance with the GDPR. Furthermore, in accordance with Article 77 GDPR, if the supervisory authorities fail to address your complaint properly, you may have the right to a judicial remedy.

Privacy Requests

Lastly, you retain the right to access, amend, correct or delete your Personal Information where it is inaccurate at any time. To do so, please contact us as indicated in the Contact Us section. We reserve the right to charge a reasonable fee, as permitted by applicable laws and regulations, in order to comply with complex requests or repetitive requests from individual users.

Your privacy request must include, at the least, the following information: (i) your complete name, address and/or e-mail address in order for us to notify you of the response to your request; (ii) attached documents establishing your identity; and (iii) a clear and concise description of the Personal Information with regard to which you seek to enforce any of your privacy rights. If you request rectification, please indicate amendments to be made and attach documentation to back up your request.

Upon receipt of your privacy request, and after due review, we may then edit, deactivate and/or delete your Personal Information from our services for the maximum term allowed by the GDPR for each applicable case. In case of secure databases under our control where deletion is impossible, we will make such information permanently inaccessible.

Notice to California Residents

Pursuant to the California Consumer Privacy Act of 2018 (the “CCPA”), LiteSpeed Technologies and/or its affiliates, clients, sub-processors and/or authorized third parties hereto provide the following Privacy Policy notice regarding the categories of Personal Information that we may collect and/or disclose within the preceding twelve (12) months regarding California residents who are not employees, independent contractors, owners, directors, officers, or job applicants of LiteSpeed Technologies, or emergency contacts or benefits beneficiaries of the foregoing.

Thenceforth, the CCPA provides Californians with the following rights:

  • Requests for Information: you (or your authorized agent) can request a copy of your Personal Information, including how we have collected, used, and shared your Personal Information over the past 12 months (if any), including the categories of Personal Information we collected and our purposes for doing so; the categories of sources for that information; the categories of third parties with whom we shared it for a business purpose and our purposes for doing so.
  • Your Right to Notification: under the CCPA, we cannot collect new categories of Personal Information or use them for materially different purposes without first notifying you.
  • Nondiscrimination for exercising your CCPA Rights: the CCPA prohibits us from discriminating against you for exercising your rights under the law. Such discrimination may include denying services, charging different prices or rates for services, providing a different level or quality of services, or suggesting that you will receive a different level or quality of goods or services as a result of exercising your rights.
  • Your Right to Delete Personal Information: you can request that we delete your Personal Information by contacting us. You also can request that we delete specific information, and we will honor such requests, unless a due exception applies, such as when the information is necessary to complete a transaction, verify a fraud, review a chargeback or contract for which it was collected or when it is being used to detect, prevent, or investigate security incidents, comply with laws, identify and repair bugs or ensure another consumer’s ability to exercise their free speech rights or other rights provided by law.
    • Please take into consideration that we may deny your deletion request if retaining the Personal Information is necessary for us, our affiliates or our service providers in order to:

      • Complete the transaction for which we collected the Personal Information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you;
      • Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities;
      • Debug our products to identify and repair errors that impair existing intended functionality;
      • Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law;
      • Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 seq.);
      • Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us;
      • Comply with a legal obligation that has substantive grounds;
      • Make other internal and lawful uses of that information that are compatible with the context in which you provided it.

Overall, we have, may or will collect the following categories of Personal Information from our users, customers and individuals, as necessary to fulfill our legal obligations and operational business purposes:

  • Personal information (as defined in the California Customer Records Law), such as contact information;
  • Identifiers, such as online identifier, IP address and name;
  • Internet or network activity information, such as browsing history and interactions with our and other websites and systems;
  • Geo-localization data, such as device location and IP location;
  • Audio, electronic, visual and similar information, such as video recordings and multimedia content created in connection with our business activities; and
  • Inferences drawn from any of the Personal Information listed above to create a profile or summary about, for example, an individual’s preferences and characteristics.

International Data Transfer Notice

LiteSpeed Technologies values your users’ privacy. Although our software does not directly collect any personally identifiable information from visitors to your site, LiteSpeed may still be considered a data processor in certain jurisdictions, as user information may be temporarily cached and/or logged, as outlined in this document.

We have our headquarters in the State of Pennsylvania, United States of America (USA). Henceforth, your Personal Information may be accessed by us or our affiliates, agents, partners and third-party service providers in the USA and our locations which may or may not be located in your country of residence, and you hereby consent to such access and transfer by simple disclosure.

Servers

LiteSpeed Web Server, OpenLiteSpeed, LiteSpeed Web ADC, and related software may record IP addresses as a part of normal logging. An access log and an error log may record visitor IP addresses and URL visited. The logs are stored locally on the system where LiteSpeed server software is installed and are not transferred to or accessed by LiteSpeed employees in any way, except as necessary in providing routine technical support if you request it. This logging may be turned off through configuration. It is up to individual server administrators to come up with their own schedule for removing such logs from the file system.

Cache Solutions

Our cache plugins potentially store a duplicate copy of every web page on display on your site. The pages are stored locally on the system where LiteSpeed server software is installed and are not transferred to or accessed by LiteSpeed employees in any way, except as necessary in providing routine technical support if you request it. All cache files are temporary, and may easily be purged before their natural expiration, if necessary, via a Purge All command. It is up to individual site administrators to come up with their own cache expiration rules.

LSCache for WordPress

In addition to caching, our WordPress plugin has an Image Optimization feature. When optimization is requested, images are transmitted to a remote LiteSpeed server, processed, and then transmitted back for use on your site. LiteSpeed keeps copies of optimized images for 7 days (in case of network stability issues) and then permanently deletes them.

Similarly, the WordPress plugin has a Reporting feature whereby a site owner can transmit an environment report to our server so that we may better provide technical support.

Neither of these features collects any visitor data. Only server and site data is involved.

Support Services

Sometimes, when you request technical support, LiteSpeed may ask for login credentials to various areas of your site. You may refuse to share such credentials, however refusal may impact LiteSpeed’s ability to provide the requested support services.

Upon completion of a support ticket, LiteSpeed immediately deletes all login credentials you may have shared.

Any user data encountered by LiteSpeed is kept strictly confidential. We never provide your support ticket information to any third party without your explicit consent.

Contact Us

If you would like to update information that you have voluntarily provided to us, stop receiving information from us, or exercise any of the rights granted to you under Privacy Laws, including the EU’s General Data Protection Regulation, please e-mail info@litespeedtech.com.