Listeners
 
Table of Contents
General Listener Name   IP Address   Port   Secure   
Virtual Host Mappings Virtual Host   Domains   
SSL Settings SSL Certificate   SSL Key File   SSL Protocol   SSL Version   Encryption Level   
 
Listener NameGo to top
Description: A unique name for this listener.
Apply: On the fly with reload.
IP AddressGo to top
Description: Specifies the IP of the listener. All available IP address is listed. Select ANY to listen on all of them.
Syntax: Select from drop down list
Apply: On the fly with reload.
Tips: [Security] If your machine has multiple IPs which are on different sub networks, you can select a specific IP to only allow traffic from corresponding sub network.
PortGo to top
Description: Specifies the TCP port of the listener. Only super user (root) can use port lower than 1024. Port 80 is the default HTTP port; port 443 is the default HTTPS port.
Syntax: Integer number
Apply: Need restart if port number is below 1024, otherwise change can be applied on the fly by reload.
SecureGo to top
Description: Specifies whether this is a secure (SSL) listener. For secure listeners, additional SSL settings need to be set properly.
Syntax: Select from radio box
Apply: On the fly with reload.
Virtual Host MappingsGo to top
Description: Specifies the relationship between the listener and virtual hosts. Listener and virtual hosts are associated by domain names. A HTTP request will be routed to a virtual host with matching domain name. One listener can map to multiple virtual hosts on different domain names. One virtual host can also be mapped from different listeners. One listener can allow one catchall virtual host with domain name "*". When there is no explicitly matched domain name, listener will forward the request to that catchall virtual host.
Tips: [Performance] Only add necessary mappings. If the listener is dedicated to only one virtual host, then only set the catchall mapping with "*".
Virtual HostGo to top
Description: Specifies the name of a virtual host.
Syntax: Select from drop down list
Apply: On the fly with reload.
DomainsGo to top
Description: Specifies the mapping domain names. Domain name is case insensitive and the leading "www." will be removed. Duplicated domain names are not allowed. * is the catchall domain name.
Syntax: comma-separated list.
Apply: On the fly with reload.
Tips: [Performance] If the listener is dedicated to one virtual host, always use * for domain name to avoid unnecessary checking.
SSL SettingsGo to top
Description: Every SSL listener requires a pair of SSL private key and SSL certificate. Multiple SSL listeners can share same key and certificate. SSL private key can be generated by yourself with SSL software package, like OpenSSL. SSL certificate can be purchased from an authorized certificate issuer like VeriSign or Thawte. You can also sign the certificate by yourself, but that certificate is not trusted and not supposed to be used on public web sites containing critical data. However, the self signed certificate is good enough for internal use, for e.g., the administration web interface for LiteSpeed web server can use a SSL listener.
SSL CertificateGo to top
Description: Specifies the file name of the SSL certificate file.
Syntax: File name which can be an absolute path or relative to $SERVER_ROOT.
Apply: On the fly with reload.
Tips: [Security] The certificate file should be placed in a secured directory which allows only readable access by the user that the server running as.
SSL Key FileGo to top
Description: Specifies the file name of the SSL private key file. The key file should not be encrypted.
Syntax: File name which can be an absolute path or relative to $SERVER_ROOT.
Apply: On the fly with reload.
Tips: [Security] The private key file should be placed in a secured directory that allows only readable access by whom the server running as.
SSL ProtocolGo to top
Description: Customizes SSL Protocols accepted by the listener.
Apply: On the fly with reload.
SSL VersionGo to top
Description: Specifies which version of SSL protocol will be used. You can choose from SSLv2, SSLv3 and TLSv1.
Apply: On the fly with reload.
Tips: [Security] Enable SSLv2 only if you have to because it is flawed.
Encryption LevelGo to top
Description: Specifies the strength level of SSL encryption.
Syntax: Check all the encryption method that you want to accept.
Apply: On the fly with reload.
Tips: [Security & Performance] Stronger encryption consumes more CPU cycles.