Skip to content

Apply Customization Through Templates

Direct Admin has global templates for OpenLiteSpeed, which can be found in /usr/local/directadmin/data/templates.

# pwd
/usr/local/directadmin/data/templates
# ls -la openlitespeed_*
-rw-r--r-- 1 diradmin diradmin   99 Oct 22 18:25 openlitespeed_context_protected.conf
-rw-r--r-- 1 diradmin diradmin  978 Oct 22 18:25 openlitespeed_ips.conf
-rw-r--r-- 1 diradmin diradmin  398 Oct 22 18:25 openlitespeed_listener.conf
-rw-r--r-- 1 diradmin diradmin 1307 Oct 22 18:25 openlitespeed_redirect_vhost.conf
-rw-r--r-- 1 diradmin diradmin 3131 Oct 22 18:25 openlitespeed_vhost.conf

To customize OpenLiteSpeed settings, you can copy these default templates over to /usr/local/directadmin/data/templates/custom and place any customized templates in /usr/local/directadmin/data/templates/custom/openlitespeed*. Then, when you rewrite the configuration, customized templates will be used instead of default templates, where applicable.

cd /usr/local/directadmin/custombuild
./build rewrite_confs

If you need a configuration to apply to all virtual hosts, however, we suggest using the pre/post hooks that DirectAdmin supplies for customization. Such hooks include:

  • CUSTOM1: Appears at the very top of the template, before setting the variables.
  • CUSTOM2: Appears in the scripthandler{} section.
  • CUSTOM3: Appears in ALL context{} sections, used for password protected directories.
  • CUSTOM4: Appears in the phpIniOverride{} section.
  • CUSTOM5: Appears in the rewrite{} section.
  • CUSTOM6: Appears in the vhssl{} section.
  • CUSTOM7: The very last entry.

Example: Rewrite Rules

Say you want to block xmlrpc and wp-trackback files for all virtual hosts. You can use a rewrite rule like the following:

RewriteRule ^/(xmlrpc|wp-trackback)\.php - [F,L,NC]

To include this rewrite rule into all virtual host configurations, you can use the CUSTOM5 pre-hook, which appears in the rewrite{} section of the /usr/local/directadmin/data/templates/custom/ directory. Create a  /usr/local/directadmin/data/templates/custom/cust_openlitespeed.CUSTOM.5.pre file with above rule in it, then rewrite the configuration:

cd /usr/local/directadmin/custombuild
./build rewrite_confs

After that, the customized rule will be inserted into each virtual host rewrite section. For example, /usr/local/directadmin/data/users/$USER/openlitespeed.conf might now contain the following:

rewrite  {
    enable                  1
    autoLoadHtaccess        1
RewriteRule ^/(xmlrpc|wp-trackback)\.php - [F,L,NC]
  }

Example: Headers

Let's say you want to enable HSTS. To do so, you will need add headers to all virtual host / contexts, using code like the following:

context / {
  location                $DOC_ROOT/
  allowBrowse             1
  extraHeaders            <<<END_extraHeaders
Strict-Transport-Security: max-age=15552000
X-Content-Type-Options nosniff
  END_extraHeaders


  rewrite  {

  }
  addDefaultCharset       off

  phpIniOverride  {

  }
}

Put the following code in /usr/local/directadmin/data/templates/custom/cust_openlitespeed.CUSTOM.7.pre, and rewrite the configuration as shown in the first example. CUSTOM7 appears at the very end. So now the block of code should be inserted into the very last entries of all virtual host configurations.

DirectAdmin's OpenLiteSpeed Templates

For reference, here is a list of the default DirectAdmin OpenLiteSpeed templates.

openlitespeed_context_protected.conf

authName |AUTH_NAME|
  allowBrowse 1
  realm |PROTECTED_PATH|/
  accessControl {
    allow *
  }

openlitespeed_ips.conf

|CUSTOM1|
|?DOCROOT=HOME/domains/sharedip| |*if STATUS="server"| |?DOCROOT=/var/www/html| |*endif| |?SSLPROTOCOL=30| |CUSTOM2| virtualHost |IP| { |CUSTOM3| listeners |LISTENER_80|, |LISTENER_443| user |USER| group |USER| vhRoot |HOME| allowSymbolLink 1 enableScript 1 restrained 1 setUIDMode 2 docRoot |DOCROOT| vhDomain |IP| adminEmails root@localhost enableGzip 1 enableIpGeo 1 rewrite { enable 1 autoLoadHtaccess 1 RewriteFile .htaccess |CUSTOM4| } |CUSTOM5| vhssl { keyFile |KEY| certFile |CERT| certChain 1 sslProtocol |SSLPROTOCOL| } # include aliases include /usr/local/lsws/conf/httpd-alias.conf |CUSTOM6| }

openlitespeed_listener.conf

|CUSTOM1|
|?SSLPROTOCOL=30|
|CUSTOM2|

listener |LISTENER_80| {
 |CUSTOM3|
 address                 |IP|:80
 secure                  0
 |CUSTOM4|
}

listener |LISTENER_443| {
 |CUSTOM5|
 address                 |IP|:443
 secure                  1
 keyFile                 |KEY|
 certFile                |CERT|
 certChain               1
 sslProtocol             |SSLPROTOCOL|
 |CUSTOM6|
}

openlitespeed_redirect_vhost.conf

|CUSTOM1|
|?WWW_PREFIX=www.|
|*if WWW_REDIRECT="no"|
|?WWW_PREFIX=|
|*endif|

|?VH_PORT=PORT_80| |?VHROOT=HOME| |?DOCROOT=HOME/domains/DOMAIN/public_html| |?SSLPROTOCOL=30| |CUSTOM2| virtualHost |POINTER|-|VH_PORT| { |CUSTOM3| user |USER| group |GROUP| vhRoot |VHROOT| setUIDMode 2 listeners |LISTENERS| docRoot |DOCROOT| vhDomain |POINTER| vhAliases www.|POINTER| rewrite { enable 1 RewriteRule (.*)$ http://|WWW_PREFIX||DOMAIN|/$1 [R=301,L] } |CUSTOM4| } |*if HAVE_SSL="1"| |?VH_PORT=PORT_443| virtualHost |POINTER|-|VH_PORT| { |CUSTOM5| user |USER| group |GROUP| vhRoot |VHROOT| setUIDMode 2 listeners |SSL_LISTENERS| docRoot |DOCROOT| vhDomain |POINTER| vhAliases www.|POINTER| rewrite { enable 1 RewriteRule (.*)$ https://|WWW_PREFIX||DOMAIN|/$1 [R=301,L] } vhssl { keyFile |KEY| certFile |CERT| certChain 1 sslProtocol |SSLPROTOCOL| } |CUSTOM6| } |*endif|

openlitespeed_vhost.conf

CUSTOM1|

|?PUBLIC_HTML=public_html|
|?VH_PORT=PORT_80| |*if SSL_TEMPLATE="1"| |?PUBLIC_HTML=private_html| |?VH_PORT=PORT_443| |*endif| |?DOCROOT=HOME/domains/DOMAIN/PUBLIC_HTML| |?PUB_DOCROOT=HOME/domains/DOMAIN/public_html| |?SDOMAIN=DOMAIN| |?LOG_NAME=DOMAIN| |*if SUB| |?DOCROOT=DOCROOT/SUB| |?SDOMAIN=SUB.DOMAIN| |?LOG_NAME=DOMAIN.SUB| |*endif| |?REALDOCROOT=DOCROOT| |?VHROOT=HOME| |?SCRIPTHANDLER=lsphpPHP1_RELEASE| |?SSLPROTOCOL=30| |?OBDP1=| |*if PHP1_RELEASE!="0"| |?OBDP1=:/usr/local/phpPHP1_RELEASE/lib/php/| |*endif| |?OBDP2=| |?OPEN_BASEDIR_PATH=HOME/:/tmp:/var/tmp:/opt/alt/phpPHP1_RELEASE/usr/share/pear/:/dev/urandom:/usr/local/lib/php/OBDP1OBDP2| |?PHP_MAIL_LOG=| |?CLI_PHP_MAIL_LOG=| |*if PHP_MAIL_LOG_ENABLED="1"| |?PHP_MAIL_LOG=-d mail.log="HOME/.php/php-mail.log"| |?CLI_PHP_MAIL_LOG=php_admin_value mail.log HOME/.php/php-mail.log| |*endif| |?PHP_EMAIL=USER@DOMAIN| virtualHost |SDOMAIN|-|VH_PORT| { |CUSTOM| user |USER| group |GROUP| vhRoot |VHROOT| allowSymbolLink 1 enableScript 1 restrained 1 setUIDMode 2 # listeners listener1, listener2, listener3 listeners |LISTENERS| #VirtualHost config settings docRoot |DOCROOT| vhDomain |SDOMAIN| vhAliases www.|SDOMAIN||SERVER_ALIASES| adminEmails |ADMIN| enableGzip 1 enableIpGeo 1 errorlog |APACHELOGDIR|/|LOG_NAME|.error.log { useServer 0 logLevel NOTICE rollingSize 0 } accesslog |APACHELOGDIR|/|LOG_NAME|.log { useServer 0 logFormat %a %l %u %t "%r" %>s %O "%{Referer}i" "%{User-Agent}i" logHeaders 5 rollingSize 0 } accesslog |APACHELOGDIR|/|LOG_NAME|.bytes { useServer 0 logFormat %O %I rollingSize 0 } scripthandler { |CUSTOM2| add lsapi:|SCRIPTHANDLER| inc add lsapi:|SCRIPTHANDLER| php add lsapi:|SCRIPTHANDLER| phtml add lsapi:|SCRIPTHANDLER| php|PHP1_RELEASE| } phpIniOverride { |CUSTOM4| php_admin_flag engine |PHP| php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f |PHP_EMAIL|" |*if OPEN_BASEDIR_ENABLED="ON"| php_admin_value open_basedir "|OPEN_BASEDIR_PATH|" |*endif| |CLI_PHP_MAIL_LOG| |*if HAVE_SAFE_MODE="1"| php_admin_flag safe_mode |SAFE_MODE| |*endif| } rewrite { enable 1 autoLoadHtaccess 1 |FORCE_SSL_REDIRECT| |OPENLITESPEED_REDIRECTS| |CUSTOM5| } |CONTEXTS| |REALMS| |*if SSL_TEMPLATE="1"| vhssl { |CUSTOM6| keyFile |KEY| certFile |CERT| certChain 1 sslProtocol |SSLPROTOCOL| } |*endif| # include aliases include /usr/local/lsws/conf/httpd-alias.conf |CUSTOM7|

For more customization, like wildcard domain, custom security headers ..etc, please refer to the DirectAdmin official guide.