LiteSpeed Load Balancer
Saturday, November 6, 2010 by sms
LiteSpeed Load Balancer (LSLB) is a high-performance, content-aware, session-aware HTTP application load balancer. It can forward requests based on request content as well as session stickiness preference. LiteSpeed Load Balancer can help scale your application beyond one server deployment, as well as improve the reliability of your service in case of hardware failures.
We offer 15-day risk free trials and a 30-day money back guarantee.
Features
HTTP/1.1, HTTP/1.0 backward compatible
Supports HTTP, LiteSpeed SAPI, FastCGI and AJPv13 back ends
Load balance algorithms: round-robin, least load, least session
Session affinity with fail-over
Directing request based on domain names, request URL, Cookie, SSL Session, etc.
Content aware: route request based on request content
Dynamic response compression/decompression (gzip)
Gzip compression with backend HTTP Server
Automatic HTTP protocol upgrade/downgrade to maintain persistent connection with backend servers
Massive shared hosting: load balance to millions of websites
URL rewrite
SSL acceleration
Geotargeting support
IPv6 support
Anti-(D)DoS attacks capability
Request filtering (HTTP firewall), filter attacking requests based on request content
Chroot for enhanced security
Backend server health monitoring
Web administration console
Online upgrade to keep your server up-to-date
Security
LiteSpeed load balancer is designed to be a secure load balancer. With chroot jail, IP level bandwidth throttling, connection accounting, strict HTTP request checking, and URL context filtering, DoS effects are minimized and backend cluster is properly fenced away from the HTTP request layer reducing vulnerability.
High performance Secure HTTP (HTTPS): supports SSLv2, SSLv3 and TLSv1
IP level throttling (Bandwidth and Request Rate)
Comprehensive IP level connection accounting
Hotlink protection
Strict HTTP request checking
External application firewall for dynamic content
Chroot whole server process
Reliability
Zero downtime maintanance (include reconfiguration, software upgrade)
Watch dog and Instant recovery maximizes up-time
Graceful shutdown, all requests in process will be completed.
Runs completely in the user space, OS reliability is not affected
The following section provides a brief overview of the above security features. Access Control: Server, virtual host and directory (context) level access control which can allow or block traffic from specific IP/sub-networks. IP Level Throttling Limits network bandwidth to and from a single IP address regardless of the number of connections. IP Level Connection Accounting Limits the number of concurrent connections from a single IP address. It is controlled by the Connection Soft Limit, Connection Hard Limit, Grace Period, and Banned Period values. Strict Request Checking Every HTTP request is strictly checked by LiteSpeed load balancer:
Request size is limited by the Max Request URL Length, Max Request Header Length, and Max Request Body Length values. Strict Static File Checking LiteSpeed web server will serve a static file only if the following conditions are satisfied:
"/.ht*" and "/.svn*" are not allowed in a decoded URL, this will deny accessing some important hidden files and directories.
the file permission must contain configured required permission bits.
the file permission must not contain any configured restricted permission bits.
The file is not in the Access Denied Directory list
does not contain symbolic links if symbolic linking is not allowed.
LiteSpeed load balancer does not index a directory by listing its files.
LiteSpeed load balancer can pipeline requests and control the concurrency level of external applications to prevent over consumption of system resources. It only forwards completed requests to external applications and caches the response. Thus external applications will be immediately available to process the next request without waiting for the response to be completely received by the client. In this way, the server can utilize fewer instances of external applications to serve more concurrent requests and will achieve higher performance and scalability. LiteSpeed load balancer uses its own virtual memory to cache the request and response body to minimize the usage of system memory without sacrificing performance.
Chroot Jail
LiteSpeed load balancer can run in a chroot environment also known as a chroot jail with an automatic initial chroot environment setup. In a chrooted environment, the load balancer and its children processes cannot access the file system outside of the chroot jail. This protects the system from attacks caused by malicious code.