LiteSpeed web server is designed with security in mind. With chroot jail, IP level bandwidth throttling, connection accounting, strict HTTP request checking, and URL context filtering, DoS effects are minimized and the application backend is properly fenced away from the HTTP request layer, greatly reducing vulnerability.
Not only does LiteSpeed offer built-in denial of service attack protection, but you can quickly identify the site that is the target of such an attack via the real-time statistics available in the LiteSpeed console.
LiteSpeed Web server forwards requests to external applications such as CGI, Fast CGI and Servlet engine to process/generate dynamic content. Usually each request requires one instance of the external application. Those applications may use a lot of system resources, and the performance of the whole system will be severely degraded when system resource consumption reaches a certain point, for example, when swapping space has been used. DoS attacks can be conducted by flooding the web server with concurrent requests to an external application that consumes a lot of system resources. LiteSpeed web server pipelines requests and controls the concurrency level of external applications to prevent server overloading. It only forwards completed requests to external applications and caches the response. Thus external applications will be immediately available to process the next request without waiting for the response to be completely received by the client. In this way, the server can utilize fewer instances of external applications to serve more concurrent requests and will achieve higher performance and scalability. LiteSpeed web server uses its own virtual memory to cache the request and response body to minimize the usage of system memory without sacrificing performance.
LiteSpeed web server limits system resources consumption for CGI applications in two ways and effectively fends off "fork bomb" attacks.
LiteSpeed web server will serve a static file only if the following conditions are satisfied: