shell bypass 403
UnknownSec Shell
:
/
proc
/
thread-self
/
root
/
usr
/
local
/
lsws
/
docs
/ [
drwxr-xr-x
]
upload
mass deface
mass delete
console
info server
name :
ServTuning_Help.html
<!DOCTYPE html> <head> <meta charset="utf-8" /> <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1" /> <title>LiteSpeed Web Server Users' Manual - Server Tuning</title> <meta name="description" content="LiteSpeed Web Server Users' Manual - Server Tuning." /> <meta name="viewport" content="width=device-width, initial-scale=1.0" /> <meta name="robots" content="noindex"> <link rel="shortcut icon" href="img/favicon.ico" /> <link rel="stylesheet" type="text/css" href="css/hdoc.css"> </head> <body> <div class="pagewrapper clearfix"><aside class="sidetree ls-col-1-5"> <figure> <img src="img/lsws_logo.svg" alt="lightspeed web server logo" width="100px"/> </figure> <h2 class="ls-text-thin"> LiteSpeed Web Server <br /> <span class="current"><a href="index.html">Users' Manual</a></span> </h2> <h3 class="ls-text-muted">Version 6.3 — Rev. 0</h3> <hr/> <div> <ul> <li><a href="license.html">License Enterprise</a></li> <li><a href="intro.html">Introduction</a></li> <li><a href="install.html">Installation</a></li> <li> <a href="admin.html">Administration</a> <ul class="menu level2"> <li><a href="ServerStat_Help.html">Service Manager</a></li> <li><a href="Real_Time_Stats_Help.html">Real-Time Stats</a></li> </ul> </li> <li><a href="security.html">Security</a></li> <li> <a href="config.html">Configuration</a> <ul class="level2"> <li><a href="ServGeneral_Help.html">Server General</a></li> <li><a href="ServLog_Help.html">Server Log</a></li> <li><span class="current"><a href="ServTuning_Help.html">Server Tuning</a></span></li> <li><a href="ServSecurity_Help.html">Server Security</a></li> <li><a href="Cache_Help.html">Page Cache</a></li> <li><a href="PageSpeed_Config.html">PageSpeed Config</a></li> <li><a href="ExtApp_Help.html">External Apps</a></li> <ul class="level3"> <li><a href="External_FCGI.html">Fast CGI App</a></li> <li><a href="External_FCGI_Auth.html">Fast CGI Authorizer</a></li> <li><a href="External_LSAPI.html">LSAPI App</a></li> <li><a href="External_Servlet.html">Servlet Engine</a></li> <li><a href="External_WS.html">Web Server</a></li> <li><a href="External_PL.html">Piped logger</a></li> <li><a href="External_LB.html">Load Balancer</a></li> </ul> <li><a href="ScriptHandler_Help.html">Script Handler</a></li> <li><a href="PHP_Help.html">PHP</a></li> <li><a href="App_Server_Help.html">App Server Settings</a></li> <li><a href="Listeners_General_Help.html">Listener General</a></li> <li><a href="Listeners_SSL_Help.html">Listener SSL</a></li> <li><a href="Templates_Help.html">Virtual Host Templates</a></li> <li><a href="VirtualHosts_Help.html">Virtual Host Basic</a></li> <li><a href="VHGeneral_Help.html">Virtual Host General</a></li> <li><a href="VHSecurity_Help.html">Virtual Host Security</a></li> <li><a href="VHSSL_Help.html">Virtual Host SSL</a></li> <li> <a href="VHPageSpeed_Config.html">Virtual Host PageSpeed Config</a> </li> <li><a href="Rewrite_Help.html">Rewrite</a></li> <li><a href="Context_Help.html">Context</a></li> <ul class="level3"> <li><a href="Static_Context.html">Static Context</a></li> <li> <a href="Java_Web_App_Context.html">Java Web App Context</a> </li> <li><a href="Servlet_Context.html">Servlet Context</a></li> <li><a href="FCGI_Context.html">Fast CGI Context</a></li> <li><a href="LSAPI_Context.html">LSAPI Context</a></li> <li><a href="Proxy_Context.html">Proxy Context</a></li> <li><a href="CGI_Context.html">CGI Context</a></li> <li><a href="LB_Context.html">Load Balancer Context</a></li> <li><a href="Redirect_Context.html">Redirect Context</a></li> <li><a href="App_Server_Context.html">App Server Context</a></li> <li><a href="Rails_Context.html">Rack/Rails Context</a></li> </ul> <li><a href="VHAddOns_Help.html">Add-ons</a></li> </ul> </li> <li> <a href="webconsole.html">Web Console</a> <ul class="level2"> <li><a href="AdminGeneral_Help.html">Admin Console General</a></li> <li><a href="AdminSecurity_Help.html">Admin Console Security</a></li> <li> <a href="AdminListeners_General_Help.html"> Admin Listener General </a> </li> <li> <a href="AdminListeners_SSL_Help.html">Admin Listener SSL</a> </li> </ul> </li> </ul> </div> </aside> <article class="contentwrapper ls-col-3-5 clearfix"><div class="nav-bar ls-spacer-micro-top"><div class="prev">« <a href="ServLog_Help.html">Server Log</a></div><div class="center"><a href="config.html">Configuration</a></div><div class="next"><a href="ServSecurity_Help.html">Server Security</a> »</div></div> <h1>Server Tuning</h1><h2 id="top">Table of Contents</h2><section class="toc"><section class="toc-row"><header>General</header><p> <a href="#ramDiskPath">RAM Disk Path</a> | <a href="#shmDefaultDir">Default SHM Directory</a> | <a href="#bindIPv6Only">Bind IPv6 Only</a> | <a href="#reverseDnsLookup">Reverse DNS Lookup</a> | <a href="#verifyGoogleBot">Verify Google Bot</a> | <a href="#forceSecureCookie">Secure Cookie Control</a> | <a href="#proxyProtocol">PROXY protocol</a></p></section> <section class="toc-row"><header>Connection</header><p> <a href="#maxConnections">Max Connections</a> | <a href="#maxSSLConnections">Max SSL Connections</a> | <a href="#connTimeout">Connection Timeout (secs)</a> | <a href="#maxKeepAliveReq">Max Keep-Alive Requests</a> | <a href="#keepAliveTimeout">Keep-Alive Timeout (secs)</a> | <a href="#sndBufSize">Send Buffer Size (bytes)</a> | <a href="#rcvBufSize">Receive Buffer Size (bytes)</a></p></section> <section class="toc-row"><header>Request/Response</header><p> <a href="#maxReqURLLen">Max Request URL Length (bytes)</a> | <a href="#maxReqHeaderSize">Max Request Header Size (bytes)</a> | <a href="#maxReqBodySize">Max Request Body Size (bytes)</a> | <a href="#maxDynRespHeaderSize">Max Dynamic Response Header Size (bytes)</a> | <a href="#maxDynRespSize">Max Dynamic Response Body Size (bytes)</a></p></section> <section class="toc-row"><header>Static File Delivery Optimization</header><p> <a href="#maxCachedFileSize">Max Cached Small File Size (bytes)</a> | <a href="#totalInMemCacheSize">Total Small File Cache Size (bytes)</a> | <a href="#maxMMapFileSize">Max MMAP File Size (bytes)</a> | <a href="#totalMMapCacheSize">Total MMAP Cache Size (bytes)</a> | <a href="#useSendfile">Use sendfile()</a> | <a href="#useAIO">Use AIO</a> | <a href="#AIOBlockSize">AIO Block Size</a> | <a href="#fileETag">File ETag</a></p></section> <section class="toc-row"><header>GZIP/Brotli Compression</header><p> <a href="#enableGzipCompress">Enable Compression</a> | <a href="#compressibleTypes">Compressible Types</a> | <a href="#enableDynGzipCompress">Enable GZIP Dynamic Compression</a> | <a href="#gzipCompressLevel">GZIP Compression Level (Dynamic Content)</a> | <a href="#enableBrCompress">Brotli Compression Level (Dynamic Content)</a> | <a href="#gzipAutoUpdateStatic">Auto Update Static File</a> | <a href="#gzipStaticCompressLevel">GZIP Compression Level (Static File)</a> | <a href="#brStaticCompressLevel">Brotli Compression Level (Static File)</a> | <a href="#gzipCacheDir">Static Cache Directory</a> | <a href="#gzipMaxFileSize">Max Static File Size (bytes)</a> | <a href="#gzipMinFileSize">Min Static File Size (bytes)</a></p></section> <section class="toc-row"><header>SSL Global Settings</header><p> <a href="#sslDefaultCiphers">Default Cipher Suite</a> | <a href="#sslStrongDhKey">SSL Strong DH Key</a> | <a href="#sslEnableMultiCerts">Enable Multiple SSL Certificates</a> | <a href="#sslCertCompress">Enable Certificate Compression</a> | <a href="#sslHsOffload">Enable Handshake Offload</a> | <a href="#sslSessionCache">Enable Session Cache</a> | <a href="#sslSessionCacheSize">Session Cache Size (bytes)</a> | <a href="#sslSessionCacheTimeout">Session Cache Timeout (secs)</a> | <a href="#sslSessionTickets">Enable Session Tickets</a> | <a href="#sslSessionTicketLifetime">SSL Session Ticket Lifetime (secs)</a> | <a href="#sslSessionTicketKeyFile">SSL Session Ticket Key File</a> | <a href="#sslOcspProxy">OCSP Proxy</a> | <a href="#sslStrictSni">Strict SNI Certificate</a></p></section> <section class="toc-row"><header>HTTP3/QUIC</header><p> <a href="#quicEnable">Enable HTTP3/QUIC</a> | <a href="#quicShmDir">QUIC SHM Directory</a> | <a href="#quicVersions">HTTP3/QUIC Versions</a> | <a href="#quicCongestionCtrl">Congestion Control</a> | <a href="#quicCfcw">Connection Flow Control Window</a> | <a href="#quicMaxCfcw">Max Connection Flow Control Window</a> | <a href="#quicSfcw">Stream Flow Control Window</a> | <a href="#quicMaxSfcw">Max Stream Flow Control Window</a> | <a href="#quicMaxStreams">Max Concurrent Streams Per Connection</a> | <a href="#quicHandshakeTimeout">Handshake Timeout</a> | <a href="#quicIdleTimeout">Idle Timeout</a> | <a href="#quicEnableDPLPMTUD">Enable DPLPMTUD</a> | <a href="#quicBasePLPMTU">PLPMTU Base Value</a> | <a href="#quicMaxPLPMTU">PLPMTU Max Value</a></p></section> </section> <section><div class="helpitem"><article class="ls-helpitem"><div><header id="ramDiskPath"><h3>RAM Disk Path<span class="ls-permlink"><a href="#ramDiskPath"></a></span><span class="top"><a href="#top">⇑</a></span></h3></header></div><h4>Description</h4><p>Setting the RAM Disk Path allows you to designate the location of a RAM disk. A RAM disk is a world-writable directory stored in memory. A server with excess RAM can reduce disk I/O by serving content from this RAM disk. Accessing content from RAM is much faster than reading data from the disk. LSWS will use this RAM disk to optimize performance when there is enough memory available.<br/><br/> (The RAM disk must be designated in your OS setup before it can be used by the web server. Many Linux distributions assign /dev/shm as a RAM disk by default, but these settings depend on your OS.)</p> <h4>Syntax</h4><p>path</p> </article> </div> <div class="helpitem"><article class="ls-helpitem"><div><header id="shmDefaultDir"><h3>Default SHM Directory<span class="ls-permlink"><a href="#shmDefaultDir"></a></span><span class="top"><a href="#top">⇑</a></span></h3></header></div><h4>Description</h4><p>Changes shared memory's default directory to the specified path. If the directory does not exist, it will be created. All SHM data will be stored in this directory unless otherwise specified.</p> <h4>Syntax</h4><p>path</p> </article> </div> <div class="helpitem"><article class="ls-helpitem"><div><header id="bindIPv6Only"><h3>Bind IPv6 Only<span class="ls-permlink"><a href="#bindIPv6Only"></a></span><span class="top"><a href="#top">⇑</a></span></h3></header></div><h4>Description</h4><p>Only bind IPv6 for IPv6 wildcard IP addresses. When set to "Yes", IPv4 IP addresses will not be bound and will need their own listeners.<br/><br/> Default value: Yes</p> <h4>Syntax</h4><p>Select from radio box</p> </article> </div> <div class="helpitem"><article class="ls-helpitem"><div><header id="reverseDnsLookup"><h3>Reverse DNS Lookup<span class="ls-permlink"><a href="#reverseDnsLookup"></a></span><span class="top"><a href="#top">⇑</a></span></h3></header></div><h4>Description</h4><p>Perform an IP -> Domain Name lookup for each client. This can be used in access logging.<br/><br/> Default value: No</p> <h4>Syntax</h4><p>Select from radio box</p> </article> </div> <div class="helpitem"><article class="ls-helpitem"><div><header id="verifyGoogleBot"><h3>Verify Google Bot<span class="ls-permlink"><a href="#verifyGoogleBot"></a></span><span class="top"><a href="#top">⇑</a></span></h3></header></div><h4>Description</h4><p>Perform a PTR lookup to ensure that the reverse DNS of an IP matches Google's crawler information and bypass reCAPTCHA verification if so. Bad Google bot IPs are logged.<br/><br/> Default value: No</p> <h4>Syntax</h4><p>Select from radio box</p> </article> </div> <div class="helpitem"><article class="ls-helpitem"><div><header id="forceSecureCookie"><h3>Secure Cookie Control<span class="ls-permlink"><a href="#forceSecureCookie"></a></span><span class="top"><a href="#top">⇑</a></span></h3></header></div><h4>Description</h4><p>Control whether to send cookies with the flag "secure", attribute "SameSite=Strict", and attribute "SameSite=Lax".<br/><br/> If both "SameSite=Strict" and "SameSite=Lax" are selected, "SameSite=Strict" will be used.<br/><br/> Default value: "secure"</p> <h4>Syntax</h4><p>Select from checkbox</p> </article> </div> <div class="helpitem"><article class="ls-helpitem"><div><header id="proxyProtocol"><h3>PROXY protocol<span class="ls-permlink"><a href="#proxyProtocol"></a></span><span class="top"><a href="#top">⇑</a></span></h3></header></div><h4>Description</h4><p>List of IPs/subnets for front-end proxies that communicate with this server using PROXY protocol. Once set, the server will use PROXY protocol for incoming connections from listed IPs/subnets or fall back to a regular connection if PROXY protocol is unavailable.<br/><br/> Applies to HTTP, HTTPS, HTTP2, and websocket connections.</p> <h4>Syntax</h4><p>Comma delimited list of IP addresses or sub-networks.</p> </article> </div> <div class="helpitem"><article class="ls-helpitem"><div><header id="maxConnections"><h3>Max Connections<span class="ls-permlink"><a href="#maxConnections"></a></span><span class="top"><a href="#top">⇑</a></span></h3></header></div><h4>Description</h4><p>Specifies the maximum number of concurrent connections that the server can accept. This includes both plain TCP connections and SSL connections. This setting should not be set to exceed the hard limit set by the server software edition or license: <span class="val">500</span> for VPS license, <span class="val">800</span> for Ultra VPS license. Once the maximum concurrent connections limit is reached, the server will close Keep-Alive connections when they complete active requests.</p> <h4>Syntax</h4><p>Integer number</p> <h4>Tips</h4><p><span title="Information" class="ls-icon-info"></span> When the server is started by "root" user, the server will try to adjust the per-process file descriptor limits automatically, however, if this fails, you may need to increase this limit manually.</p> </article> </div> <div class="helpitem"><article class="ls-helpitem"><div><header id="maxSSLConnections"><h3>Max SSL Connections<span class="ls-permlink"><a href="#maxSSLConnections"></a></span><span class="top"><a href="#top">⇑</a></span></h3></header></div><h4>Description</h4><p>Specifies the maximum number of concurrent SSL connections the server will accept. Since total concurrent SSL and non-SSL connections cannot exceed the limit specified by <span class="tagl"><a href="#maxConnections">Max Connections</a></span>, the actual number of concurrent SSL connections allowed must be lower than this limit.</p> <h4>Syntax</h4><p>Integer number</p> </article> </div> <div class="helpitem"><article class="ls-helpitem"><div><header id="connTimeout"><h3>Connection Timeout (secs)<span class="ls-permlink"><a href="#connTimeout"></a></span><span class="top"><a href="#top">⇑</a></span></h3></header></div><h4>Description</h4><p>Specifies the maximum connection idle time allowed during processing one request. The connection will be closed if it has been idle, i.e. no I/O activity, for this period of time.</p> <h4>Syntax</h4><p>Integer number</p> <h4>Tips</h4><p><span title="Security" class="ls-icon-security"></span> Set this as low as you can to help recover dead connections during a potential DoS attack.</p> <h4>See Also</h4><p class="ls-text-small"><span class="tagl"><a href="#keepAliveTimeout">Keep-Alive Timeout (secs)</a></span></p> </article> </div> <div class="helpitem"><article class="ls-helpitem"><div><header id="maxKeepAliveReq"><h3>Max Keep-Alive Requests<span class="ls-permlink"><a href="#maxKeepAliveReq"></a></span><span class="top"><a href="#top">⇑</a></span></h3></header></div><h4>Description</h4><p>Specifies the maximum number of requests that can be served through a keep-alive (persistent) session. The connection will be closed once this limit is reached. You can set this limit for each virtual host as well.</p> <h4>Syntax</h4><p>Integer number</p> <h4>Tips</h4><p><span title="Performance" class="ls-icon-performance"></span> Set this to a reasonably high value. A value of "1" or "0" will disable keep-alive.</p> <h4>See Also</h4><p class="ls-text-small">Virtual Host <span class="tagl"><a href="VirtualHosts_Help.html#vhMaxKeepAliveReq">Max Keep-Alive Requests</a></span></p> </article> </div> <div class="helpitem"><article class="ls-helpitem"><div><header id="keepAliveTimeout"><h3>Keep-Alive Timeout (secs)<span class="ls-permlink"><a href="#keepAliveTimeout"></a></span><span class="top"><a href="#top">⇑</a></span></h3></header></div><h4>Description</h4><p>Specifies the maximum idle time between requests from a keep-alive connection. If no new request is received during this period of time, the connection will be closed. This setting only applies to HTTP/1.1 connections. HTTP/2 connections have long keep-alive timeouts by design and are not affected by this setting.</p> <h4>Syntax</h4><p>Integer number</p> <h4>Tips</h4><p><span title="Security" class="ls-icon-security"></span><span title="Performance" class="ls-icon-performance"></span> We recommend that you set this value just long enough to wait for subsequent requests from a client when there are more assets referenced by a single page that need to be loaded. Do not set this too long hoping that the next page will be served over the keep-alive connection. Keeping many idle keep-alive connections is a waste of server resources and could be taken advantage of by (D)DoS attacks. <span class="val">2-5</span> seconds is a reasonable range for most applications. LiteSpeed is highly efficient in a non-keep-alive environment.</p> </article> </div> <div class="helpitem"><article class="ls-helpitem"><div><header id="sndBufSize"><h3>Send Buffer Size (bytes)<span class="ls-permlink"><a href="#sndBufSize"></a></span><span class="top"><a href="#top">⇑</a></span></h3></header></div><h4>Description</h4><p>The sending buffer size of each TCP socket. <span class="val">512K</span> is the maximum allowed buffer size.</p> <h4>Syntax</h4><p>Integer number</p> <h4>Tips</h4><p><span title="Performance" class="ls-icon-performance"></span> It is recommended to leave this value as "Not Set" or set to 0 to use the operating system's default buffer size.<br/> <span title="Performance" class="ls-icon-performance"></span> If your web site serves large static files, increase the send buffer size to improve performance.<br/> <span title="Performance" class="ls-icon-performance"></span> Setting this to a lower value will reduce throughput and memory usage per socket allowing the server to have more concurrent sockets when memory is a bottleneck.</p> </article> </div> <div class="helpitem"><article class="ls-helpitem"><div><header id="rcvBufSize"><h3>Receive Buffer Size (bytes)<span class="ls-permlink"><a href="#rcvBufSize"></a></span><span class="top"><a href="#top">⇑</a></span></h3></header></div><h4>Description</h4><p>The receiving buffer size of each TCP socket. <span class="val">512K</span> is the maximum allowed buffer size.</p> <h4>Syntax</h4><p>Integer number</p> <h4>Tips</h4><p><span title="Performance" class="ls-icon-performance"></span> It is recommended to leave this value as "Not Set" or set to 0 to use the operating system's default buffer size.<br/> <span title="Performance" class="ls-icon-performance"></span> A large receive buffer will increase performance when processing incoming requests with large payloads, i.e. file uploads.<br/> <span title="Performance" class="ls-icon-performance"></span> Setting this to a lower value will reduce throughput and memory usage per socket allowing the server to have more concurrent sockets when memory is a bottleneck.</p> </article> </div> <div class="helpitem"><article class="ls-helpitem"><div><header id="maxReqURLLen"><h3>Max Request URL Length (bytes)<span class="ls-permlink"><a href="#maxReqURLLen"></a></span><span class="top"><a href="#top">⇑</a></span></h3></header></div><h4>Description</h4><p>Specifies the maximum size of a request URL. URL is the full text address used to access a server resource including the query string. Hard limit is <span class="val">65530</span> bytes. Values larger than this, such as <span class="val">64K</span> (6 bytes larger), will be treated as if <span class="val">65530</span> was used.<br/><br/> Default value: <span class="val">8192</span> or <span class="val">8K</span>.</p> <h4>Syntax</h4><p>Integer number</p> <h4>Tips</h4><p><span title="Security" class="ls-icon-security"></span><span title="Performance" class="ls-icon-performance"></span> Set it reasonably low to reduce memory usage and help identify bogus requests and DoS attacks.<br/> 2-3K is big enough for most web sites unless the HTTP GET method is used with large query strings instead of POST.</p> </article> </div> <div class="helpitem"><article class="ls-helpitem"><div><header id="maxReqHeaderSize"><h3>Max Request Header Size (bytes)<span class="ls-permlink"><a href="#maxReqHeaderSize"></a></span><span class="top"><a href="#top">⇑</a></span></h3></header></div><h4>Description</h4><p>Specifies the maximum size of an HTTP request header including request URL. Hard limit is <span class="val">65530</span> bytes. Values larger than this, such as <span class="val">64K</span> (6 bytes larger), will be treated as if <span class="val">65530</span> was used.<br/><br/> Default value: <span class="val">32768</span> or <span class="val">32K</span></p> <h4>Syntax</h4><p>Integer number</p> <h4>Tips</h4><p><span title="Security" class="ls-icon-security"></span><span title="Performance" class="ls-icon-performance"></span> Set it reasonably low to reduce memory usage and help identify bogus requests and DoS attacks.<br/> 4-8K is big enough for most web sites under normal circumstances.</p> </article> </div> <div class="helpitem"><article class="ls-helpitem"><div><header id="maxReqBodySize"><h3>Max Request Body Size (bytes)<span class="ls-permlink"><a href="#maxReqBodySize"></a></span><span class="top"><a href="#top">⇑</a></span></h3></header></div><h4>Description</h4><p>Specifies the maximum size of an HTTP request body. For a 32Bit OS, <span class="val">2GB</span> is the hard limit. For a 64Bit OS, it is virtually unlimited.</p> <h4>Syntax</h4><p>Integer number</p> <h4>Tips</h4><p><span title="Security" class="ls-icon-security"></span> To help prevent DoS attacks, try to constrain this limit to only what is really needed. Your swapping space must have enough free space to accommodate this limit.</p> </article> </div> <div class="helpitem"><article class="ls-helpitem"><div><header id="maxDynRespHeaderSize"><h3>Max Dynamic Response Header Size (bytes)<span class="ls-permlink"><a href="#maxDynRespHeaderSize"></a></span><span class="top"><a href="#top">⇑</a></span></h3></header></div><h4>Description</h4><p>Specifies the maximum header size of a dynamically generated response. Hard limit is <span class="val">65530</span> bytes. Values larger than this, such as <span class="val">64K</span> (6 bytes larger), will be treated as if <span class="val">65530</span> was used.<br/><br/> Default value: <span class="val">32768</span> or <span class="val">32K</span></p> <h4>Syntax</h4><p>Integer number</p> <h4>Tips</h4><p><span title="Performance" class="ls-icon-performance"></span> Set it reasonably low to help recognize bad responses dynamically generated by external applications.</p> </article> </div> <div class="helpitem"><article class="ls-helpitem"><div><header id="maxDynRespSize"><h3>Max Dynamic Response Body Size (bytes)<span class="ls-permlink"><a href="#maxDynRespSize"></a></span><span class="top"><a href="#top">⇑</a></span></h3></header></div><h4>Description</h4><p>Specifies the maximum body size of a dynamically generated response.</p> <h4>Syntax</h4><p>Integer number</p> <h4>Tips</h4><p><span title="Performance" class="ls-icon-performance"></span> Set the limit reasonably low to help identify bad responses. It is not uncommon to malformed scripts to contain an infinite loop which leads to infinity-sized responses.</p> </article> </div> <div class="helpitem"><article class="ls-helpitem"><div><header id="maxCachedFileSize"><h3>Max Cached Small File Size (bytes)<span class="ls-permlink"><a href="#maxCachedFileSize"></a></span><span class="top"><a href="#top">⇑</a></span></h3></header></div><h4>Description</h4><p>Specifies the largest static file that will be cached in a pre-allocated memory buffer. Static files can be served in four different ways: memory buffer cache, memory-mapped cache, plain read/write, and sendfile(). Files whose size is smaller than this setting are served from memory buffer cache. Files whose size is larger than this setting, but smaller than the <span class="tagl"><a href="#maxMMapFileSize">Max MMAP File Size (bytes)</a></span> will be served from memory-mapped cache. Files whose size is larger than the <span class="tagl"><a href="#maxMMapFileSize">Max MMAP File Size (bytes)</a></span> will be served via plain read/write or sendfile(). It is optimal to serve static files smaller than 4K from the memory buffer cache.</p> <h4>Syntax</h4><p>Integer number</p> </article> </div> <div class="helpitem"><article class="ls-helpitem"><div><header id="totalInMemCacheSize"><h3>Total Small File Cache Size (bytes)<span class="ls-permlink"><a href="#totalInMemCacheSize"></a></span><span class="top"><a href="#top">⇑</a></span></h3></header></div><h4>Description</h4><p>Specifies the total memory that can be allocated to the buffer cache in order to cache/serve small static files.</p> <h4>Syntax</h4><p>Integer number</p> </article> </div> <div class="helpitem"><article class="ls-helpitem"><div><header id="maxMMapFileSize"><h3>Max MMAP File Size (bytes)<span class="ls-permlink"><a href="#maxMMapFileSize"></a></span><span class="top"><a href="#top">⇑</a></span></h3></header></div><h4>Description</h4><p>Specifies the largest static file that will be memory mapped (MMAP). Static files can be served in four different ways: memory buffer cache, memory-mapped cache, plain read/write, and sendfile(). Files whose size is smaller than the <span class="tagl"><a href="#maxCachedFileSize">Max Cached Small File Size (bytes)</a></span> are served from memory buffer cache. Files whose size is larger than the <span class="tagl"><a href="#maxCachedFileSize">Max Cached Small File Size (bytes)</a></span>, but smaller than the Max MMAP File Size will be served from memory-mapped cache. Files whose size is larger than the Max MMAP File Size will be served via plain read/write or sendfile(). Since the server has a 32bit address space (2GB), it is not recommended to memory map very large files.</p> <h4>Syntax</h4><p>Integer number</p> </article> </div> <div class="helpitem"><article class="ls-helpitem"><div><header id="totalMMapCacheSize"><h3>Total MMAP Cache Size (bytes)<span class="ls-permlink"><a href="#totalMMapCacheSize"></a></span><span class="top"><a href="#top">⇑</a></span></h3></header></div><h4>Description</h4><p>Specifies the total memory that can be allocated for memory- mapped cache in order to cache/serve medium sized static files.</p> <h4>Syntax</h4><p>Integer number</p> </article> </div> <div class="helpitem"><article class="ls-helpitem"><div><header id="useSendfile"><h3>Use sendfile()<span class="ls-permlink"><a href="#useSendfile"></a></span><span class="top"><a href="#top">⇑</a></span></h3></header></div><h4>Description</h4><p>Specifies whether to use the sendfile() system call to serve static files. Static files can be served in four different ways: memory buffer cache, memory-mapped cache, plain read/write, and sendfile(). Files smaller than the <span class="tagl"><a href="#maxCachedFileSize">Max Cached Small File Size (bytes)</a></span> are served from memory buffer cache. Files larger than the <span class="tagl"><a href="#maxCachedFileSize">Max Cached Small File Size (bytes)</a></span> but smaller than the <span class="tagl"><a href="#maxMMapFileSize">Max MMAP File Size (bytes)</a></span> will be served from memory-mapped cache. Files larger than the <span class="tagl"><a href="#maxMMapFileSize">Max MMAP File Size (bytes)</a></span> will be served via plain read/write or sendfile(). Sendfile() is a "zero copy" system call that can greatly reduce CPU utilization when serving very large static files. Sendfile() requires an optimized network card kernel driver and thus may not be suitable for some small-vendor network adapters.</p> <h4>Syntax</h4><p>Select from radio box</p> </article> </div> <div class="helpitem"><article class="ls-helpitem"><div><header id="useAIO"><h3>Use AIO<span class="ls-permlink"><a href="#useAIO"></a></span><span class="top"><a href="#top">⇑</a></span></h3></header></div><h4>Description</h4><p>Specifies whether to use AIO to serve static files. AIO will help if your server has a high I/O wait. For 64bit operation system, there is an option to keep files mapped in process address space to improve AIO performance.</p> <h4>Syntax</h4><p>Select from drop down list</p> <h4>See Also</h4><p class="ls-text-small"><span class="tagl"><a href="#AIOBlockSize">AIO Block Size</a></span></p> </article> </div> <div class="helpitem"><article class="ls-helpitem"><div><header id="AIOBlockSize"><h3>AIO Block Size<span class="ls-permlink"><a href="#AIOBlockSize"></a></span><span class="top"><a href="#top">⇑</a></span></h3></header></div><h4>Description</h4><p>Specifies the sent block size for AIO. This block size multiplied by the total files being processed should be less than the physical memory of the server, otherwise, AIO will not help. If your server has enough memory, you can choose a bigger size.<br/><br/> Default value: <span class="val">1M</span></p> <h4>Syntax</h4><p>Select from drop down list</p> <h4>See Also</h4><p class="ls-text-small"><span class="tagl"><a href="#useAIO">Use AIO</a></span></p> </article> </div> <div class="helpitem"><article class="ls-helpitem"><div><header id="fileETag"><h3>File ETag<span class="ls-permlink"><a href="#fileETag"></a></span><span class="top"><a href="#top">⇑</a></span></h3></header></div><h4>Description</h4><p>Specifies whether to use a file's inode, last-modified time, and size attributes to generate the ETag HTTP response header for static files. All three attributes are enabled by default. If you plan to serve the same file out of mirrored servers, you should not include inode; otherwise, the ETag generated for one file will be different on different servers.</p> <h4>Syntax</h4><p>Select from checkbox</p> </article> </div> <div class="helpitem"><article class="ls-helpitem"><div><header id="enableGzipCompress"><h3>Enable Compression<span class="ls-permlink"><a href="#enableGzipCompress"></a></span><span class="top"><a href="#top">⇑</a></span></h3></header></div><h4>Description</h4><p>Enables GZIP/Brotli compression for both static and dynamic responses.<br/><br/> Default value: Yes</p> <h4>Syntax</h4><p>Select from radio box</p> <h4>Tips</h4><p><span title="Performance" class="ls-icon-performance"></span> Enable it to save network bandwidth. Text-based responses such as html, css, and javascript files benefit the most and on average can be compressed to half of their original size.</p> </article> </div> <div class="helpitem"><article class="ls-helpitem"><div><header id="compressibleTypes"><h3>Compressible Types<span class="ls-permlink"><a href="#compressibleTypes"></a></span><span class="top"><a href="#top">⇑</a></span></h3></header></div><h4>Description</h4><p>Specifies what MIME types are allowed to be compressed. Leave this setting unset or enter <span class="val">default</span> to use the server built-in default list which should already cover most mime-types.<br/><br/> Default value: <span class="val">text/*,application/x-javascript,application/javascript,application/xml,image/svg+xml,application/rss+xml, application/json,application/vnd.ms-fontobject,application/x-font,application/x-font-opentype, application/x-font-truetype,application/x-font-ttf,font/eot,font/opentype,font/otf,font/ttf,image/x-icon, image/vnd.microsoft.icon,application/xhtml+xml</span></p> <h4>Syntax</h4><p>MIME type list separated by commas. Wild card "*" and negate sign "!" are allowed, such as text/*, !text/js.</p> <h4>Example</h4><div class="ls-example">If you want to compress text/* but not text/css, you can have a rule like <span class="val">text/*, !text/css</span>. "!" will exclude that MIME type.</div><h4>Tips</h4><p><span title="Performance" class="ls-icon-performance"></span> Only allow types that will benefit from GZIP/Brotli compression. Binary files such as gif/png/jpeg images and flash files do not benefit from compression.</p> </article> </div> <div class="helpitem"><article class="ls-helpitem"><div><header id="enableDynGzipCompress"><h3>Enable GZIP Dynamic Compression<span class="ls-permlink"><a href="#enableDynGzipCompress"></a></span><span class="top"><a href="#top">⇑</a></span></h3></header></div><h4>Description</h4><p>Controls GZIP compression for dynamically generated responses.<br/><br/> For this setting to have an effect, <span class="tagl"><a href="#enableGzipCompress">Enable Compression</a></span> must be set to <span class="val">Yes</span>.<br/><br/> Default value: Yes</p> <h4>Syntax</h4><p>Select from radio box</p> <h4>Tips</h4><p><span title="Performance" class="ls-icon-performance"></span> Compressing dynamic responses increases CPU and memory utilization but saves network bandwidth.</p> </article> </div> <div class="helpitem"><article class="ls-helpitem"><div><header id="gzipCompressLevel"><h3>GZIP Compression Level (Dynamic Content)<span class="ls-permlink"><a href="#gzipCompressLevel"></a></span><span class="top"><a href="#top">⇑</a></span></h3></header></div><h4>Description</h4><p>Specifies the level of GZIP compression applied to dynamic content. Ranges from <span class="val">1</span> (lowest) to <span class="val">9</span> (highest).<br/><br/> This setting will only take effect when <span class="tagl"><a href="#enableGzipCompress">Enable Compression</a></span> and <span class="tagl"><a href="#enableDynGzipCompress">Enable GZIP Dynamic Compression</a></span> are enabled.<br/><br/> Default value: 6</p> <h4>Syntax</h4><p>Number between 1 and 9.</p> <h4>Tips</h4><p><span title="Performance" class="ls-icon-performance"></span> Higher compression level will use more memory and CPU cycles. You can set it to a higher level if your machine has additional power. There is not much difference between 6 and 9, except that 9 uses many more CPU cycles.</p> </article> </div> <div class="helpitem"><article class="ls-helpitem"><div><header id="enableBrCompress"><h3>Brotli Compression Level (Dynamic Content)<span class="ls-permlink"><a href="#enableBrCompress"></a></span><span class="top"><a href="#top">⇑</a></span></h3></header></div><h4>Description</h4><p>Controls the level of Brotli compression applied to dynamic responses. Ranges from <span class="val">0</span> (OFF) to <span class="val">6</span> (highest).<br/><br/> This setting will only take effect when <span class="tagl"><a href="#enableGzipCompress">Enable Compression</a></span> is enabled.<br/><br/> Default value: 2</p> <h4>Syntax</h4><p>Number between 0 and 6.</p> </article> </div> <div class="helpitem"><article class="ls-helpitem"><div><header id="gzipAutoUpdateStatic"><h3>Auto Update Static File<span class="ls-permlink"><a href="#gzipAutoUpdateStatic"></a></span><span class="top"><a href="#top">⇑</a></span></h3></header></div><h4>Description</h4><p>Specifies whether to let the server automatically create/update GZIP/Brotli-compressed versions of compressible static files or not. If set to <span class="val">Yes</span>, when a file with a MIME type listed in <span class="tagl"><a href="#compressibleTypes">Compressible Types</a></span> is requested, the server may create or update the corresponding compressed version of the file depending on the compressed file's timestamp. This compressed file is created under the <span class="tagl"><a href="#gzipCacheDir">Static Cache Directory</a></span>. The filename is based on a MD5 hash of the path of the original file.<br/><br/> Default value: Yes</p> <h4>Syntax</h4><p>Select from radio box</p> </article> </div> <div class="helpitem"><article class="ls-helpitem"><div><header id="gzipStaticCompressLevel"><h3>GZIP Compression Level (Static File)<span class="ls-permlink"><a href="#gzipStaticCompressLevel"></a></span><span class="top"><a href="#top">⇑</a></span></h3></header></div><h4>Description</h4><p>Specifies the level of GZIP compression applied to static files. Ranges from <span class="val">1</span> (lowest) to <span class="val">9</span> (highest).<br/><br/> This setting will only take effect when <span class="tagl"><a href="#enableGzipCompress">Enable Compression</a></span> and <span class="tagl"><a href="#gzipAutoUpdateStatic">Auto Update Static File</a></span> are enabled.<br/><br/> Default value: 6</p> <h4>Syntax</h4><p>Number between 1 and 9.</p> </article> </div> <div class="helpitem"><article class="ls-helpitem"><div><header id="brStaticCompressLevel"><h3>Brotli Compression Level (Static File)<span class="ls-permlink"><a href="#brStaticCompressLevel"></a></span><span class="top"><a href="#top">⇑</a></span></h3></header></div><h4>Description</h4><p>Specifies the level of Brotli compression applied to static files. Ranges from <span class="val">1</span> (lowest) to <span class="val">11</span> (highest).<br/><br/> This setting will only take effect when <span class="tagl"><a href="#enableGzipCompress">Enable Compression</a></span> and <span class="tagl"><a href="#gzipAutoUpdateStatic">Auto Update Static File</a></span> are enabled.<br/><br/> Default value: 5</p> <h4>Syntax</h4><p>Number between 1 and 11.</p> <h4>Tips</h4><p><span title="Performance" class="ls-icon-performance"></span> Save network bandwidth. Text-based responses such as html, css, and javascript files benefit the most and on average can be compressed to half of their original size.</p> </article> </div> <div class="helpitem"><article class="ls-helpitem"><div><header id="gzipCacheDir"><h3>Static Cache Directory<span class="ls-permlink"><a href="#gzipCacheDir"></a></span><span class="top"><a href="#top">⇑</a></span></h3></header></div><h4>Description</h4><p>Specifies the path of the directory used to store compressed files for static content.<br/><br/> Default value: <span class="tagl"><a href="#swappingDir">Swapping Directory</a></span>.</p> <h4>Syntax</h4><p>Directory Path</p> </article> </div> <div class="helpitem"><article class="ls-helpitem"><div><header id="gzipMaxFileSize"><h3>Max Static File Size (bytes)<span class="ls-permlink"><a href="#gzipMaxFileSize"></a></span><span class="top"><a href="#top">⇑</a></span></h3></header></div><h4>Description</h4><p>Specifies the maximum size of a static file for which the server will create a compressed file automatically.<br/><br/> Default value: 10M</p> <h4>Syntax</h4><p>Number in bytes not less than 1K.</p> <h4>Tips</h4><p><span title="Performance" class="ls-icon-performance"></span> It is not recommended to have the server create/update compressed files for large files. Compressing blocks an entire server process and no further requests can be processed until the compression is completed.</p> </article> </div> <div class="helpitem"><article class="ls-helpitem"><div><header id="gzipMinFileSize"><h3>Min Static File Size (bytes)<span class="ls-permlink"><a href="#gzipMinFileSize"></a></span><span class="top"><a href="#top">⇑</a></span></h3></header></div><h4>Description</h4><p>Specifies the minimum size of a static file for which the server will create a corresponding compressed file.<br/><br/> Default value: 200</p> <h4>Syntax</h4><p>Number in bytes not less than 200.</p> <h4>Tips</h4><p><span title="Information" class="ls-icon-info"></span> It is not necessary to compress very small files as the bandwidth saving is negligible.</p> </article> </div> <div class="helpitem"><article class="ls-helpitem"><div><header id="sslDefaultCiphers"><h3>Default Cipher Suite<span class="ls-permlink"><a href="#sslDefaultCiphers"></a></span><span class="top"><a href="#top">⇑</a></span></h3></header></div><h4>Description</h4><p>Default cipher suite for SSL certificates.<br/><br/> Default value: Server Internal Default (Based on current best practices)</p> <h4>Syntax</h4><p>Colon-separated string of cipher specifications.</p> </article> </div> <div class="helpitem"><article class="ls-helpitem"><div><header id="sslStrongDhKey"><h3>SSL Strong DH Key<span class="ls-permlink"><a href="#sslStrongDhKey"></a></span><span class="top"><a href="#top">⇑</a></span></h3></header></div><h4>Description</h4><p>Specifies whether to use 2048 or 1024 bit DH keys for SSL handshakes. If set to "Yes", 2048 bit DH keys will be used for 2048 bit SSL keys and certificates. 1024 bit DH keys will still be used in other situations. Default is "Yes".<br/><br/> Earlier versions of Java do not support DH key size higher than 1024 bits. If Java client compatibility is required, this should be set to "No".</p> <h4>Syntax</h4><p>radio</p> </article> </div> <div class="helpitem"><article class="ls-helpitem"><div><header id="sslEnableMultiCerts"><h3>Enable Multiple SSL Certificates<span class="ls-permlink"><a href="#sslEnableMultiCerts"></a></span><span class="top"><a href="#top">⇑</a></span></h3></header></div><h4>Description</h4><p>Allows listeners/vhosts to set multiple SSL certificates. If multiple certificates are enabled, the certificates/keys are expected to follow a naming scheme. If the cert is named server.crt, other possible cert names are server.crt.rsa, server.crt.dsa, server.crt.ecc. If "Not Set", defaults to "No".</p> <h4>Syntax</h4><p>Select from radio box</p> </article> </div> <div class="helpitem"><article class="ls-helpitem"><div><header id="sslCertCompress"><h3>Enable Certificate Compression<span class="ls-permlink"><a href="#sslCertCompress"></a></span><span class="top"><a href="#top">⇑</a></span></h3></header></div><h4>Description</h4><p>Use SSL certificate compression.<br/><br/> Default value: On</p> <h4>Syntax</h4><p>Select from radio box</p> </article> </div> <div class="helpitem"><article class="ls-helpitem"><div><header id="sslHsOffload"><h3>Enable Handshake Offload<span class="ls-permlink"><a href="#sslHsOffload"></a></span><span class="top"><a href="#top">⇑</a></span></h3></header></div><h4>Description</h4><p>Offload SSL handshake to a separate thread.<br/><br/> Default value: On</p> <h4>Syntax</h4><p>Select from radio box</p> </article> </div> <div class="helpitem"><article class="ls-helpitem"><div><header id="sslSessionCache"><h3>Enable Session Cache<span class="ls-permlink"><a href="#sslSessionCache"></a></span><span class="top"><a href="#top">⇑</a></span></h3></header></div><h4>Description</h4><p>Enables session id caching using OpenSSL's default setting. Default value is "No".</p> <h4>Syntax</h4><p>Select from radio box</p> </article> </div> <div class="helpitem"><article class="ls-helpitem"><div><header id="sslSessionCacheSize"><h3>Session Cache Size (bytes)<span class="ls-permlink"><a href="#sslSessionCacheSize"></a></span><span class="top"><a href="#top">⇑</a></span></h3></header></div><h4>Description</h4><p>Sets the maximum number of SSL session IDs to store in the cache. Default is 1,000,000.</p> <h4>Syntax</h4><p>Integer number</p> </article> </div> <div class="helpitem"><article class="ls-helpitem"><div><header id="sslSessionCacheTimeout"><h3>Session Cache Timeout (secs)<span class="ls-permlink"><a href="#sslSessionCacheTimeout"></a></span><span class="top"><a href="#top">⇑</a></span></h3></header></div><h4>Description</h4><p>This value determines how long a session ID will be valid within the cache before renegotiation is required. Default is 3,600.</p> <h4>Syntax</h4><p>Integer number</p> </article> </div> <div class="helpitem"><article class="ls-helpitem"><div><header id="sslSessionTickets"><h3>Enable Session Tickets<span class="ls-permlink"><a href="#sslSessionTickets"></a></span><span class="top"><a href="#top">⇑</a></span></h3></header></div><h4>Description</h4><p>Enables session tickets using OpenSSL's default session ticket setting. Server-level setting must be set to "Yes" for Virtual Host setting to take effect.<br/><br/> Default values:<br/> <b>Server-level:</b> Yes<br/> <b>VH-Level:</b> Yes</p> <h4>Syntax</h4><p>Select from radio box</p> </article> </div> <div class="helpitem"><article class="ls-helpitem"><div><header id="sslSessionTicketLifetime"><h3>SSL Session Ticket Lifetime (secs)<span class="ls-permlink"><a href="#sslSessionTicketLifetime"></a></span><span class="top"><a href="#top">⇑</a></span></h3></header></div><h4>Description</h4><p>This value determines how long a session ticket will be valid before a renegotiation is required. Default is 3,600.</p> <h4>Syntax</h4><p>Integer number</p> </article> </div> <div class="helpitem"><article class="ls-helpitem"><div><header id="sslSessionTicketKeyFile"><h3>SSL Session Ticket Key File<span class="ls-permlink"><a href="#sslSessionTicketKeyFile"></a></span><span class="top"><a href="#top">⇑</a></span></h3></header></div><h4>Description</h4><p>Allows the SSL Ticket Key to be created/maintained by an administrator. The file must be 48 bytes long. If this option is left empty, the load balancer will generate and rotate its own set of keys.<br/><br/> IMPORTANT: To maintain forward secrecy, it is strongly recommended to change the key every <b>SSL Session Ticket Lifetime</b> seconds. If this cannot be done, it is recommended to leave this field empty.</p> <h4>Syntax</h4><p>Path</p> </article> </div> <div class="helpitem"><article class="ls-helpitem"><div><header id="sslOcspProxy"><h3>OCSP Proxy<span class="ls-permlink"><a href="#sslOcspProxy"></a></span><span class="top"><a href="#top">⇑</a></span></h3></header></div><h4>Description</h4><p>Socket address used as the proxy server address for OCSP verification. Leave this setting unset If not using a proxy.<br/><br/> Default value: <span class="val">not set</span></p> <h4>Syntax</h4><p>Socket Address</p> </article> </div> <div class="helpitem"><article class="ls-helpitem"><div><header id="sslStrictSni"><h3>Strict SNI Certificate<span class="ls-permlink"><a href="#sslStrictSni"></a></span><span class="top"><a href="#top">⇑</a></span></h3></header></div><h4>Description</h4><p>Specifies whether to strictly require a dedicated virtual host certificate configuration. When enabled, SSL connections to virtual hosts without a dedicated certificate configuration will fail instead of using a default catch-all certificate.<br/><br/> Default value: <span class="val">No</span></p> <h4>Syntax</h4><p>Select from radio box</p> </article> </div> <div class="helpitem"><article class="ls-helpitem"><div><header id="quicEnable"><h3>Enable HTTP3/QUIC<span class="ls-permlink"><a href="#quicEnable"></a></span><span class="top"><a href="#top">⇑</a></span></h3></header></div><h4>Description</h4><p>Enables the HTTP3/QUIC network protocol server wide. Default value is <span class="val">Yes</span>.</p> <h4>Syntax</h4><p>Select from radio box</p> <h4>Tips</h4><p><span title="Information" class="ls-icon-info"></span> When this setting is set to <span class="val">Yes</span>, HTTP3/QUIC can still be disabled at the listener level through the <span class="tagl"><a href="Listeners_SSL_Help.html#allowQuic">Open HTTP3/QUIC (UDP) port</a></span> setting, or at the virtual host level through the <span class="tagl"><a href="VHSSL_Help.html#vhEnableQuic">Enable HTTP3/QUIC</a></span> setting.</p> </article> </div> <div class="helpitem"><article class="ls-helpitem"><div><header id="quicShmDir"><h3>QUIC SHM Directory<span class="ls-permlink"><a href="#quicShmDir"></a></span><span class="top"><a href="#top">⇑</a></span></h3></header></div><h4>Description</h4><p>Specifies the directory used to save QUIC data to shared memory.<br/><br/> By default, the server's default SHM directory, <span class="val">/dev/shm</span>, will be used.</p> <h4>Syntax</h4><p>Path</p> <h4>Tips</h4><p><span title="Information" class="ls-icon-info"></span> A RAM based partition, such as <span class="val">/dev/shm</span>, is recommended.</p> </article> </div> <div class="helpitem"><article class="ls-helpitem"><div><header id="quicVersions"><h3>HTTP3/QUIC Versions<span class="ls-permlink"><a href="#quicVersions"></a></span><span class="top"><a href="#top">⇑</a></span></h3></header></div><h4>Description</h4><p>A list of enabled HTTP3/QUIC versions. This setting should only be used to limit HTTP3/QUIC support to the versions listed and is best left blank.</p> <h4>Syntax</h4><p>Comma-separated list</p> <h4>Example</h4><div class="ls-example">h3-29, h3-Q050</div><h4>Tips</h4><p><span title="Information" class="ls-icon-info"></span> It is recommended to leave this setting blank to have the the best configuration applied automatically.</p> </article> </div> <div class="helpitem"><article class="ls-helpitem"><div><header id="quicCongestionCtrl"><h3>Congestion Control<span class="ls-permlink"><a href="#quicCongestionCtrl"></a></span><span class="top"><a href="#top">⇑</a></span></h3></header></div><h4>Description</h4><p>The congestion control algorithm used. This can be set manually or left up to the QUIC library in use by selecting the "Default" option.<br/><br/> Default value: Default</p> <h4>Syntax</h4><p>Select from drop down list</p> </article> </div> <div class="helpitem"><article class="ls-helpitem"><div><header id="quicCfcw"><h3>Connection Flow Control Window<span class="ls-permlink"><a href="#quicCfcw"></a></span><span class="top"><a href="#top">⇑</a></span></h3></header></div><h4>Description</h4><p>The initial size of the buffer allocated for a QUIC connection. Default value is <span class="val">1.5M</span>.</p> <h4>Syntax</h4><p>Number between 64K and 512M</p> <h4>Tips</h4><p><span title="Information" class="ls-icon-info"></span> A larger window size will use more memory.</p> </article> </div> <div class="helpitem"><article class="ls-helpitem"><div><header id="quicMaxCfcw"><h3>Max Connection Flow Control Window<span class="ls-permlink"><a href="#quicMaxCfcw"></a></span><span class="top"><a href="#top">⇑</a></span></h3></header></div><h4>Description</h4><p>Specifies the maximum size that a connection flow control window buffer is allowed to reach due to window auto-tuning.<br/><br/> Default value is <span class="val">0</span>, which means that the value of <span class="tagl"><a href="ServTuning_Help.html#quicCfcw">Connection Flow Control Window</a></span> is used and no auto-tuning is performed.</p> <h4>Syntax</h4><p>0 or a number between 64K and 512M</p> <h4>Tips</h4><p><span title="Information" class="ls-icon-info"></span> A larger window size will use more memory.</p> </article> </div> <div class="helpitem"><article class="ls-helpitem"><div><header id="quicSfcw"><h3>Stream Flow Control Window<span class="ls-permlink"><a href="#quicSfcw"></a></span><span class="top"><a href="#top">⇑</a></span></h3></header></div><h4>Description</h4><p>The initial amount of data a QUIC connection is willing to receive per stream. Default value is <span class="val">1M</span>.</p> <h4>Syntax</h4><p>Number between 64K and 128M</p> <h4>Tips</h4><p><span title="Information" class="ls-icon-info"></span> A larger window size will use more memory.</p> </article> </div> <div class="helpitem"><article class="ls-helpitem"><div><header id="quicMaxSfcw"><h3>Max Stream Flow Control Window<span class="ls-permlink"><a href="#quicMaxSfcw"></a></span><span class="top"><a href="#top">⇑</a></span></h3></header></div><h4>Description</h4><p>Specifies the maximum size that a stream flow control window is allowed to reach due to window auto-tuning.<br/><br/> Default value is <span class="val">0</span>, which means that the value of <span class="tagl"><a href="ServTuning_Help.html#quicSfcw">Stream Flow Control Window</a></span> is used and no auto-tuning is performed.</p> <h4>Syntax</h4><p>0 or a number between 64K and 128M</p> <h4>Tips</h4><p><span title="Information" class="ls-icon-info"></span> A larger window size will use more memory.</p> </article> </div> <div class="helpitem"><article class="ls-helpitem"><div><header id="quicMaxStreams"><h3>Max Concurrent Streams Per Connection<span class="ls-permlink"><a href="#quicMaxStreams"></a></span><span class="top"><a href="#top">⇑</a></span></h3></header></div><h4>Description</h4><p>The maximum number of concurrent streams allowed per QUIC connection. Default value is <span class="val">100</span>.</p> <h4>Syntax</h4><p>Integer number between 10 and 1000</p> </article> </div> <div class="helpitem"><article class="ls-helpitem"><div><header id="quicHandshakeTimeout"><h3>Handshake Timeout<span class="ls-permlink"><a href="#quicHandshakeTimeout"></a></span><span class="top"><a href="#top">⇑</a></span></h3></header></div><h4>Description</h4><p>The time in seconds a new QUIC connection is given to complete its handshake, after which the connection is aborted. Default value is <span class="val">10</span>.</p> <h4>Syntax</h4><p>Integer number between 1 and 15</p> </article> </div> <div class="helpitem"><article class="ls-helpitem"><div><header id="quicIdleTimeout"><h3>Idle Timeout<span class="ls-permlink"><a href="#quicIdleTimeout"></a></span><span class="top"><a href="#top">⇑</a></span></h3></header></div><h4>Description</h4><p>The time in seconds after which an idle QUIC connection will be closed. Default value is <span class="val">30</span>.</p> <h4>Syntax</h4><p>Integer number between 10 and 30</p> </article> </div> <div class="helpitem"><article class="ls-helpitem"><div><header id="quicEnableDPLPMTUD"><h3>Enable DPLPMTUD<span class="ls-permlink"><a href="#quicEnableDPLPMTUD"></a></span><span class="top"><a href="#top">⇑</a></span></h3></header></div><h4>Description</h4><p>Enable Datagram Packetization Layer Path Maximum Transmission Unit Discovery (DPLPMTUD).<br/><br/> <b> <a href=" https://tools.ietf.org/html/rfc8899 " target="_blank" rel="noopener noreferrer"> Background on DPLPMTUD (RFC 8899) </a> </b><br/><br/> Default value: Yes</p> <h4>Syntax</h4><p>Select from radio box</p> </article> </div> <div class="helpitem"><article class="ls-helpitem"><div><header id="quicBasePLPMTU"><h3>PLPMTU Base Value<span class="ls-permlink"><a href="#quicBasePLPMTU"></a></span><span class="top"><a href="#top">⇑</a></span></h3></header></div><h4>Description</h4><p>The maximum value of PLPMTU (maximum packet size without headers) in bytes that QUIC will use by default. Setting this to <span class="val">0</span> will allow QUIC to pick the size.<br/><br/> This setting should be set lower than <span class="tagl"><a href="#quicMaxPLPMTU">PLPMTU Max Value</a></span>.<br/><br/> Default value: 0</p> <h4>Syntax</h4><p>0 or integer number between 1200 and 65527</p> </article> </div> <div class="helpitem"><article class="ls-helpitem"><div><header id="quicMaxPLPMTU"><h3>PLPMTU Max Value<span class="ls-permlink"><a href="#quicMaxPLPMTU"></a></span><span class="top"><a href="#top">⇑</a></span></h3></header></div><h4>Description</h4><p>The PLPMTU (maximum packet size without headers) probe upper limit in bytes. This setting is used to limit the "maximum packet size" in the DPLPMTUD search space. Setting this to <span class="val">0</span> will allow QUIC to pick the size (By default LSQUIC assumes that MTU is 1,500 bytes (Ethernet)).<br/><br/> This setting should be set higher than <span class="tagl"><a href="#quicBasePLPMTU">PLPMTU Base Value</a></span>.<br/> Default value: 0</p> <h4>Syntax</h4><p>0 or integer number between 1200 and 65527</p> </article> </div> </section> </article><div class="ls-col-1-1"><footer class="copyright">Copyright © 2003-2020. <a href="https://www.litespeedtech.com">LiteSpeed Technologies Inc.</a> All rights reserved.</footer> </div></div> </body> </html>
© 2024 UnknownSec