LiteSpeed Web Server Users' Manual

Version 5.1 Rev. 1

Admin Console Security

Table of Contents

Access Control

Allowed List | Denied List | 

Web Admin User

Access ControlGo to top
Description: Specifies what sub networks and/or IP addresses can access the server. At the server-level, this setting will affect all virtual hosts. You can also set up access control unique to each virtual host at the virtual host-level. Virtual host settings will NOT override server settings.

Whether to block/allow an IP is determined by the combination of the allowed list and the denied list. If you want to block only certain IPs or sub-networks, put * or ALL in the Allowed List and list the blocked IPs or sub-networks in the Denied List. If you want to only allow certain IPs or sub-networks, put * or ALL in the Denied List and list the allowed IPs or sub-networks in the Allowed List. The setting of the smallest scope that fits for an IP will be used to determine whether to block or allow that IP.

Server-level: Trusted IPs or sub-networks must be specified in the Allowed List by adding a trailing "T". Trusted IPs or sub-networks are not affected by connection/throttling limits. Only server-level access control can set up trusted IPs/sub-networks.
Tips: [Security] Use this at the server-level for general restrictions that apply to all virtual hosts.
Allowed ListGo to top
Description: Specifies the list of IPs or sub-networks allowed. * or ALL are accepted.
Syntax: Comma delimited list of IP addresses or sub-networks. A trailing "T" can be used to indicate a trusted IP or sub-network, such as 192.168.1.*T.
Example: Sub-networks: 192.168.1.0/255.255.255.0, 192.168.1.0/24, 192.168.1 or 192.168.1.*.
IPv6 addresses: ::1 or [::1]
IPv6 subnets: 3ffe:302:11:2:20f:1fff:fe29:717c/64 or [3ffe:302:11:2:20f:1fff:fe29:717c]/64.
Tips: [Security] Trusted IPs or sub-networks set at the server-level access control will be excluded from connection/throttling limits.
Denied ListGo to top
Description: Specifies the list of IPs or sub-networks disallowed.
Syntax: Comma delimited list of IP addresses or sub-networks. * or ALL are accepted.
Example: Sub-networks: 192.168.1.0/255.255.255.0, 192.168.1.0/24, 192.168.1 or 192.168.1.*.
IPv6 addresses: ::1 or [::1]
IPv6 subnets: 3ffe:302:11:2:20f:1fff:fe29:717c/64 or [3ffe:302:11:2:20f:1fff:fe29:717c]/64.
Web Admin UserGo to top
Description: Change the username and password for WebAdmin Console. The old password has to be entered and verified in order to save changes.