DDoS Attacks Taken Offline By LiteSpeed Enterprise 5.1.13

February 17th, 2017 by Ron Saad

LiteSpeed Enterprise servers around the globe were specifically targeted today by a surge of focused DDoS attacks.

Our tech support staff was alerted to the problem and quickly worked with our customers to gain access to one of the affected servers. Within an hour we had identified the vulnerability and corrected it, releasing LiteSpeed Enterprise 5.1.13.

LiteSpeed clients deploying LiteSpeed Enterprise should upgrade to 5.1.13 as soon as possible to avoid the DoS vulnerability.

The attack focused on a heap buffer overflow bug that was only present during logging operations (after the request had completed processing). The effect was to cause the server to spin for a while then unduly terminate, causing service disruption. To the best of our knowledge, no remote code injection, no root escalation and no data was compromised.

LiteSpeed Technologies is committed to providing the highest levels of service to our clients and ensuring that their sites remain protected and available at all times.

Timeline of a DDoS Attack on LiteSpeed Servers

12:15 EST: first reports of service disruptions
12:45 EST: LiteSpeed tech support gains access to affected server
13:15 EST: LiteSpeed tech support deploys first fix build
13:40 EST: LiteSpeed tech support pushes bug fix build of 5.1.12
14:05 EST: LiteSpeed tech support releases 5.1.13

 

Meet Us at WHD.global and HostingCon Global!

February 7th, 2017 by Kacey Schroeder

 

We are going for a trip around the world! At the end of March, we will be leaving our office in New Jersey, USA, to fly all the way to Rust, Germany, to attend WHD.global in Europa-Park. The second we get back from WHD.global, we will be on the next flight to Los Angeles, California, for HostingCon Global. We would love to personally invite each and every one of you to come visit us at both/either of these wonderful events! Read the rest of this entry »

Cache Makes the World Go Round

February 1st, 2017 by Kacey Schroeder

 

First, we would like to thank each and every one of you for trying out LiteSpeed Cache for WordPress. We’re proud to see that there are 30,000+ active WordPress sites running LiteSpeed Cache. There was an enormous effort to make this plugin the easiest and most efficient caching solution for both WordPress users and hosts. Our latest release of 1.0.14.1 includes some exciting User Interface changes that hopefully simplify things for the administrator/user.

Read the rest of this entry »

Why is Benchmarking WordPress so Hard?

December 1st, 2016 by Steven Antonucci

As promised, we’re going to be giving the hosting industry a tool for doing a proper “benchmark” as a means of evaluating your own WordPress capabilities in a standardized way. I’m going to start this post with a few definitions, since there has been a lot of misuse of the words and language in best practices.

Read the rest of this entry »

Prepare For the Holidays With LiteMage’s Newest Feature: Site Visitor Acceleration!

November 8th, 2016 by Rob Holda

imagenov82016

It’s no secret that the slower a page loads, the more likely a customer is to leave your site. With the newest enhancements to LiteSpeed Web Server and LiteMage Cache, you can rest easy knowing that all your visitors will experience the fastest load times ever!

Read the rest of this entry »

Can Your Magento Do This?

October 5th, 2016 by Steven Antonucci

We’re excited to share a quick LiteSpeed customer success story from one of our European partners running a large-scale Magento site supporting a popular television program.

Every week during the program, the Magento store is supported by a 6-node cluster front ended by a LiteSpeed Load Balancer with LiteMage cache. Stats from this past week are pretty amazing.

convo_1_blurred

fe49080bc43c6c3d4e3e33bd1d316477a2b0a1a9bb3bef11e0pimgpsh_fullsize_distr

In case your German is rusty, that’s almost 50,000 active users in this Magento store at peak usage.

convo_2_blurred

With the holiday shopping season rapidly approaching, we want to know…

Can your Magento do this?

Democracy and the Benchmark

September 19th, 2016 by Steven Antonucci

It seems like we’re entering the YouTube era of benchmarking.

aliens

You know how you can go on YouTube and find someone who knows almost nothing about the subject they are posting a video about? Well, benchmarking these days is kind of like that…

Read the rest of this entry »

Improving DigitalOcean WordPress Droplet Performance with just One Click (With OpenLiteSpeed)!

August 10th, 2016 by Rob Holda

DigitalOcean-WP-Droplet-1

LiteSpeed Technologies announces the release of a one-click script that quickly and easily supercharges your DigitalOcean Droplet’s WordPress setup. LiteSpeed’s cache performance delivers significant performance and scalability gains over the DigitalOcean default.

Read the rest of this entry »

The HTTPoxy Vulnerability has been taken care of by LiteSpeed, automatically!

July 18th, 2016 by Rob Holda

httpoxy

Today, HTTPoxy was discovered in the wild. This vulnerability affects some server-side web applications that run in CGI or CGI-like environments, such as some FastCGI configurations. So far, the PHP, Python, and Go languages are known to be affected by this.

The vulnerability is caused by conflicting namespaces. A CGI or FastCGI-like interface sets environment variables based on HTTP request parameters. These can override internal variables that are used to configure the application. Further explanation of this bug can be found on the httpoxy web page.

Read the rest of this entry »

LiteSpeed Announces Load Balancer 2.0 (LiteSpeed ADC) with built-in LiteMage Cluster + PageSpeed Optimization

June 28th, 2016 by Rob Holda

Buildings_Skyscrapers_Night_Freeway_Highway_Lights_Timelapse_650x300(2)

Introduction

It is a well-known fact that clustering Magento environments is technically complex. Adding Full Page Caching to a Magento cluster is even more difficult. Many people try to use PHP Full Page Caches with redis backends. This is not difficult, however the performance increase is not very good. Alternatively, introducing Varnish as the cache layer offers better performance. However, this creates a single point of failure, SSL termination issues, cache synchronization issues, and load balancing issues.

LiteSpeed Technologies proudly announces the industry’s first single layer, integrated, enterprise scale, application aware Application Delivery Controller (ADC).

Read the rest of this entry »