Spade
Mini Shell
<!DOCTYPE html>
<head>
<meta charset="utf-8" />
<meta http-equiv="X-UA-Compatible"
content="IE=edge,chrome=1" />
<title>LiteSpeed Web Server Users' Manual - Admin Console
Security</title>
<meta name="description" content="LiteSpeed Web Server
Users' Manual - Admin Console Security." />
<meta name="viewport" content="width=device-width,
initial-scale=1.0" />
<meta name="robots" content="noindex">
<link rel="shortcut icon" href="img/favicon.ico"
/>
<link rel="stylesheet" type="text/css"
href="css/hdoc.css">
</head>
<body>
<div class="pagewrapper clearfix"><aside
class="sidetree ls-col-1-5">
<figure>
<img src="img/lsws_logo.svg" alt="lightspeed web
server logo"
width="100px"/>
</figure>
<h2 class="ls-text-thin">
LiteSpeed Web Server
<br />
<span class="current"><a
href="index.html">Users' Manual</a></span>
</h2>
<h3 class="ls-text-muted">Version 6.3
— Rev. 0</h3>
<hr/>
<div>
<ul>
<li><a href="license.html">License
Enterprise</a></li>
<li><a
href="intro.html">Introduction</a></li>
<li><a
href="install.html">Installation</a></li>
<li>
<a href="admin.html">Administration</a>
<ul class="menu level2">
<li><a href="ServerStat_Help.html">Service
Manager</a></li>
<li><a
href="Real_Time_Stats_Help.html">Real-Time
Stats</a></li>
</ul>
</li>
<li><a
href="security.html">Security</a></li>
<li>
<a href="config.html">Configuration</a>
<ul class="level2">
<li><a href="ServGeneral_Help.html">Server
General</a></li>
<li><a href="ServLog_Help.html">Server
Log</a></li>
<li><a href="ServTuning_Help.html">Server
Tuning</a></li>
<li><a href="ServSecurity_Help.html">Server
Security</a></li>
<li><a href="Cache_Help.html">Page
Cache</a></li>
<li><a
href="PageSpeed_Config.html">PageSpeed
Config</a></li>
<li><a href="ExtApp_Help.html">External
Apps</a></li>
<ul class="level3">
<li><a href="External_FCGI.html">Fast CGI
App</a></li>
<li><a
href="External_FCGI_Auth.html">Fast CGI
Authorizer</a></li>
<li><a href="External_LSAPI.html">LSAPI
App</a></li>
<li><a
href="External_Servlet.html">Servlet
Engine</a></li>
<li><a href="External_WS.html">Web
Server</a></li>
<li><a href="External_PL.html">Piped
logger</a></li>
<li><a href="External_LB.html">Load
Balancer</a></li>
</ul>
<li><a
href="ScriptHandler_Help.html">Script
Handler</a></li>
<li><a
href="PHP_Help.html">PHP</a></li>
<li><a href="App_Server_Help.html">App
Server Settings</a></li>
<li><a
href="Listeners_General_Help.html">Listener
General</a></li>
<li><a
href="Listeners_SSL_Help.html">Listener
SSL</a></li>
<li><a href="Templates_Help.html">Virtual
Host Templates</a></li>
<li><a
href="VirtualHosts_Help.html">Virtual Host
Basic</a></li>
<li><a href="VHGeneral_Help.html">Virtual
Host General</a></li>
<li><a href="VHSecurity_Help.html">Virtual
Host Security</a></li>
<li><a href="VHSSL_Help.html">Virtual Host
SSL</a></li>
<li>
<a href="VHPageSpeed_Config.html">Virtual Host
PageSpeed Config</a>
</li>
<li><a
href="Rewrite_Help.html">Rewrite</a></li>
<li><a
href="Context_Help.html">Context</a></li>
<ul class="level3">
<li><a href="Static_Context.html">Static
Context</a></li>
<li>
<a href="Java_Web_App_Context.html">Java Web
App Context</a>
</li>
<li><a
href="Servlet_Context.html">Servlet
Context</a></li>
<li><a href="FCGI_Context.html">Fast CGI
Context</a></li>
<li><a href="LSAPI_Context.html">LSAPI
Context</a></li>
<li><a href="Proxy_Context.html">Proxy
Context</a></li>
<li><a href="CGI_Context.html">CGI
Context</a></li>
<li><a href="LB_Context.html">Load
Balancer Context</a></li>
<li><a
href="Redirect_Context.html">Redirect
Context</a></li>
<li><a href="App_Server_Context.html">App
Server Context</a></li>
<li><a
href="Rails_Context.html">Rack/Rails
Context</a></li>
</ul>
<li><a
href="VHAddOns_Help.html">Add-ons</a></li>
</ul>
</li>
<li>
<a href="webconsole.html">Web Console</a>
<ul class="level2">
<li><a href="AdminGeneral_Help.html">Admin
Console General</a></li>
<li><span class="current"><a
href="AdminSecurity_Help.html">Admin Console
Security</a></span></li>
<li>
<a href="AdminListeners_General_Help.html">
Admin Listener General
</a>
</li>
<li>
<a href="AdminListeners_SSL_Help.html">Admin
Listener SSL</a>
</li>
</ul>
</li>
</ul>
</div>
</aside>
<article class="contentwrapper ls-col-3-5 clearfix"><div
class="nav-bar ls-spacer-micro-top"><div
class="prev">« <a
href="AdminGeneral_Help.html">Admin Console
General</a></div><div class="center"><a
href="webconsole.html">Web
Console</a></div><div class="next"><a
href="AdminListeners_General_Help.html">Admin Listeners
General</a> »</div></div>
<h1>Admin Console Security</h1><h2
id="top">Table of Contents</h2><section
class="toc"><section
class="toc-row"><header><a
href="#accessControl">Access
Control</a></header><p>
<a href="#accessControl_allow">Allowed List</a> |
<a href="#accessControl_deny">Denied
List</a></p></section>
<section class="toc-row"><header><a
href="#adminUser">WebAdmin
User</a></header><p>
</p></section>
</section>
<section><div class="helpitem"><article
class="ls-helpitem"><div><header
id="accessControl"><h3>Access Control<span
class="ls-permlink"><a
href="#accessControl"></a></span><span
class="top"><a
href="#top">⇑</a></span></h3></header></div><h4>Description</h4><p>Specifies
what sub networks and/or IP addresses can access the server. At the server
level, this setting will affect all virtual hosts. You can also set up
access control unique to each virtual host at the virtual host level.
Virtual host level settings will NOT override server level
settings.<br/><br/> Blocking/Allowing an IP is determined by
the combination of the allowed list and the denied list. If you want to
block only certain IPs or sub-networks, put <span
class="val">*</span> or <span
class="val">ALL</span> in the <span
class="tagl"><a
href="#accessControl_allow">Allowed
List</a></span> and list the blocked IPs or sub-networks in the
<span class="tagl"><a
href="#accessControl_deny">Denied List</a></span>.
If you want to allow only certain IPs or sub-networks, put <span
class="val">*</span> or <span
class="val">ALL</span> in the <span
class="tagl"><a
href="#accessControl_deny">Denied List</a></span>
and list the allowed IPs or sub-networks in the <span
class="tagl"><a
href="#accessControl_allow">Allowed
List</a></span>. The setting of the smallest scope that fits
for an IP will be used to determine access.<br/><br/>
<b>Server Level:</b> Trusted IPs or sub-networks must be
specified in the <span class="tagl"><a
href="#accessControl_allow">Allowed
List</a></span> by adding a trailing "T". Trusted IPs
or sub-networks are not affected by connection/throttling limits. Only
server level access control can set up trusted IPs/sub-networks.</p>
<h4>Tips</h4><p><span title="Security"
class="ls-icon-security"></span> Use this at the server
level for general restrictions that apply to all virtual hosts.</p>
</article> </div>
<div class="helpitem"><article
class="ls-helpitem"><div><header
id="accessControl_allow"><h3>Allowed List<span
class="ls-permlink"><a
href="#accessControl_allow"></a></span><span
class="top"><a
href="#top">⇑</a></span></h3></header></div><h4>Description</h4><p>Specifies
the list of IPs or sub-networks allowed. <span
class="val">*</span> or <span
class="val">ALL</span> are accepted.</p>
<h4>Syntax</h4><p>Comma delimited list of IP addresses or
sub-networks. A trailing "T" can be used to indicate a trusted IP
or sub-network, such as <span
class="val">192.168.1.*T</span>.</p>
<h4>Example</h4><div
class="ls-example"><b>Sub-networks:</b>
192.168.1.0/255.255.255.0, 192.168.1.0/24, 192.168.1, or
192.168.1.*<br/> <b>IPv6 addresses:</b> ::1 or
[::1]<br/> <b>IPv6 subnets:</b>
3ffe:302:11:2:20f:1fff:fe29:717c/64 or
[3ffe:302:11:2:20f:1fff:fe29:717c]/64</div><h4>Tips</h4><p><span
title="Security"
class="ls-icon-security"></span> Trusted IPs or
sub-networks set at the server level access control will be excluded from
connection/throttling limits.</p> </article> </div>
<div class="helpitem"><article
class="ls-helpitem"><div><header
id="accessControl_deny"><h3>Denied List<span
class="ls-permlink"><a
href="#accessControl_deny"></a></span><span
class="top"><a
href="#top">⇑</a></span></h3></header></div><h4>Description</h4><p>Specifies
the list of IPs or sub-networks disallowed.</p>
<h4>Syntax</h4><p>Comma delimited list of IP addresses or
sub-networks. <span class="val">*</span> or <span
class="val">ALL</span> are accepted.</p>
<h4>Example</h4><div
class="ls-example"><b>Sub-networks:</b>
192.168.1.0/255.255.255.0, 192.168.1.0/24, 192.168.1, or
192.168.1.*<br/> <b>IPv6 addresses:</b> ::1 or
[::1]<br/> <b>IPv6 subnets:</b>
3ffe:302:11:2:20f:1fff:fe29:717c/64 or
[3ffe:302:11:2:20f:1fff:fe29:717c]/64</div></article>
</div>
<div class="helpitem"><article
class="ls-helpitem"><div><header
id="adminUser"><h3>WebAdmin User<span
class="ls-permlink"><a
href="#adminUser"></a></span><span
class="top"><a
href="#top">⇑</a></span></h3></header></div><h4>Description</h4><p>Change
the username and password for the WebAdmin Console. The old password must
be entered and verified in order to save changes.</p>
</article> </div>
</section>
</article><div class="ls-col-1-1"><footer
class="copyright">Copyright © 2003-2020. <a
href="https://www.litespeedtech.com">LiteSpeed Technologies
Inc.</a> All rights reserved.</footer>
</div></div>
</body>
</html>