How to Install OpenLiteSpeed with Multiple PHP Versions on Ubuntu 20.04: Complete Guide with Memcached and ModSecurity

Rey Posted on 2025-09-20 217 Views

Looking to boost your web server performance? This comprehensive OpenLiteSpeed setup guide will help you deploy a high-performance environment with ease.

Tired of performance bottlenecks with Nginx or Apache? Want to try a high-performance, low-resource web server with powerful features? OpenLiteSpeed (OLS), developed by LiteSpeed Technologies, is a free, open-source web server known for its lightweight, well-optimized nature, combining security, simplicity, and speed in a single package.

In this tutorial, we'll walk you through installing and configuring OpenLiteSpeed on Ubuntu 20.04 with PHP 7.4 and PHP 8.0, LSMCD (LiteSpeed Memcached), and ModSecurity with relevant rule packages. Whether you're new to development or an experienced DevOps engineer, this guide will help you set up a high-performance web service environment.

1. System Preparation and OpenLiteSpeed Installation

Before starting, ensure you have Ubuntu 20.04 installed with sudo privileges.

First, update your system and install necessary dependencies:

sudo apt-get update && sudo apt-get upgrade -y sudo apt-get install build-essential libexpat1-dev libgeoip-dev libpcre3-dev zlib1g-dev libssl-dev libxml2-dev rcs libpng-dev wget -y

Next, add the OpenLiteSpeed repository and install it:

wget -O - http://rpms.litespeedtech.com/debian/enable_lst_debian_repo.sh | sudo bash sudo apt-get install openlitespeed -y

After installation, start the OpenLiteSpeed service and enable it to start on boot:

sudo systemctl start lsws sudo systemctl enable lsws

OpenLiteSpeed uses port 8088 for HTTP and 7080 for the admin console. You can access the default page at http://your-server-ip:8088.

First-time admin console access (https://your-server-ip:7080) requires setting up an admin account:

sudo /usr/local/lsws/admin/misc/admpass.sh

Follow the prompts to set up your username and password.

2. PHP 7.4 and PHP 8.0 Installation and Configuration

While OpenLiteSpeed might install a default PHP version (earlier versions defaulted to PHP 7.3), we can manually install multiple PHP versions.

2.1. Install PHP 7.4 with Common Extensions

Install PHP 7.4 and commonly used extensions via the official repository:

sudo apt-get install lsphp74 lsphp74-common lsphp74-curl lsphp74-mysql lsphp74-opcache lsphp74-imap lsphp74-json lsphp74-redis lsphp74-memcached -y

2.2. Install PHP 8.0 with Common Extensions

Similarly, install PHP 8.0 and its extensions:

sudo apt-get install lsphp80 lsphp80-common lsphp80-curl lsphp80-mysql lsphp80-opcache lsphp80-imap lsphp80-json lsphp80-redis lsphp80-memcached -y

2.3. Install Additional PHP Extensions

To see available extensions, use apt search lsphp74- or apt search lsphp80-. Typically, you'll need extensions like gd, bcmath, mbstring, xml, and zip:

sudo apt-get install lsphp74-gd lsphp74-bcmath lsphp74-mbstring lsphp74-xml lsphp74-zip sudo apt-get install lsphp80-gd lsphp80-bcmath lsphp80-mbstring lsphp80-xml lsphp80-zip

2.4. Configure OpenLiteSpeed for Multiple PHP Versions

After installing PHP, configure External Applications and Script Handlers in the OpenLiteSpeed admin interface.

  1. Log into OpenLiteSpeed Admin Console (https://your-server-ip:7080).
  2. Navigate to "Server""External Applications".
  3. Click "Add" to create a new external application for PHP 7.4.
    • Name: lsphp74
    • Address: uds://tmp/lshttpd/lsphp74.sock (ensure this differs from default sock files)
    • Max Connections: 100
    • Initial Request Timeout (sec): 60
    • Retry Timeout (sec): 0
    • Persistent Connection: Yes
    • Command: lsphp74/bin/lsphp
  4. Click "Save".
  5. Repeat these steps for PHP 8.0, naming it lsphp80, with command lsphp80/bin/lsphp, and address uds://tmp/lshttpd/lsphp80.sock.
  6. Next, configure Script Handlers: Go to "Server""Script Handlers".
  7. You'll see default handlers (e.g., lsphp might point to a default PHP version). We'll specify different handlers for different PHP versions at the virtual host level (covered in the website creation section).

3. Install and Configure LiteSpeed Memcached (LSMCD)

LSMCD is LiteSpeed's Memcached-compatible daemon optimized for LiteSpeed servers.

Install dependencies for LSMCD:

sudo apt-get install git build-essential zlib1g-dev libexpat1-dev openssl libssl-dev libsasl2-dev libpcre3-dev -y

Download and compile LSMCD:

wget https://github.com/litespeedtech/lsmcd/archive/refs/heads/master.zip -O lsmcd-master.zip unzip lsmcd-master.zip cd lsmcd-master ./fixtimestamp.sh ./configure CFLAGS=" -O3" CXXFLAGS=" -O3" make sudo make install

Configure LSMCD by editing its configuration file:

sudo nano /usr/local/lsmcd/conf/node.conf

Key configuration options (adjust based on your server setup):

User = nobody Group = nogroup CachedProcCnt = 2 # Adjust based on your CPU cores

Start and enable the LSMCD service:

sudo systemctl start lsmcd sudo systemctl enable lsmcd

Verify LSMCD is running using the telnet command:

telnet 127.0.0.1 11211

If entering stats returns statistics, installation was successful.

4. Install and Configure ModSecurity with Rule Packages

ModSecurity is an open-source web application firewall (WAF). While OpenLiteSpeed may not be 100% compatible with all Apache ModSecurity configurations, we can still install and use it.

4.1. Install ModSecurity

We can obtain ModSecurity by installing Apache's libapache2-mod-security2 package:

sudo apt-get install libapache2-mod-security2 -y

This package is designed for Apache, but OpenLiteSpeed can use the core ModSecurity components and rules.

4.2. Configure ModSecurity

Backup and modify the main ModSecurity configuration file:

sudo cp /etc/modsecurity/modsecurity.conf-recommended /etc/modsecurity/modsecurity.conf sudo nano /etc/modsecurity/modsecurity.conf

Locate and modify the SecRuleEngine and SecAuditLogParts settings:

SecRuleEngine On SecAuditLogParts ABCEFHJKZ

4.3. Download OWASP Core Rule Set (CRS)

The OWASP ModSecurity Core Rule Set (CRS) provides protection against various web application attacks.

wget https://github.com/coreruleset/coreruleset/archive/v3.3.0.tar.gz tar xvf v3.3.0.tar.gz sudo mkdir -p /etc/apache2/modsecurity-crs/ sudo mv coreruleset-3.3.0/ /etc/apache2/modsecurity-crs/ cd /etc/apache2/modsecurity-crs/coreruleset-3.3.0/ sudo mv crs-setup.conf.example crs-setup.conf

4.4. Configure OpenLiteSpeed to Enable ModSecurity

Enable ModSecurity via the OpenLiteSpeed web admin interface or by directly editing its main configuration file.

Using the Web Admin Interface:

  1. Navigate to "Server""Security""ModSecurity".
  2. Enable "ModSecurity Enable".
  3. In "ModSecurity Rules", add rule file paths, for example: \n/etc/modsecurity/modsecurity.conf \n/etc/apache2/modsecurity-crs/coreruleset-3.3.0/crs-setup.conf \n/etc/apache2/modsecurity-crs/coreruleset-3.3.0/rules/REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf \n/etc/apache2/modsecurity-crs/coreruleset-3.3.0/rules/REQUEST-901-INITIALIZATION.conf \n... (add all required rule files) ... Note: Prefix each file path with \n to add a new rule on a new line. You can also use the Include directive.

Using Configuration File (More Efficient):

Edit the main OpenLiteSpeed configuration file:

sudo nano /usr/local/lsws/conf/httpd_config.conf

Add the following content at the end or appropriate location (using absolute paths):

module mod_security { mod_security_rules file:/etc/modsecurity/modsecurity.conf mod_security_rules file:/etc/apache2/modsecurity-crs/coreruleset-3.3.0/crs-setup.conf mod_security_rules file:/etc/apache2/modsecurity-crs/coreruleset-3.3.0/rules/REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf mod_security_rules file:/etc/apache2/modsecurity-crs/coreruleset-3.3.0/rules/REQUEST-901-INITIALIZATION.conf # ... add more rule files as needed ... mod_security_rules file:/etc/apache2/modsecurity-crs/coreruleset-3.3.0/rules/RESPONSE-999-EXCLUSION-RULES-AFTER-CRS.conf }

Note: This configuration might require adjustments based on actual file paths and OpenLiteSpeed's module loading syntax. For accurate information on OpenLiteSpeed's ModSecurity support, consult the official documentation.

5. Create Websites Using Different PHP Versions

Now, let's create two virtual hosts—one using PHP 7.4 and another using PHP 8.0.

5.1. Create Website Directories

First, create document root directories for both websites and set appropriate permissions:

sudo mkdir /usr/local/lsws/php74-site sudo mkdir /usr/local/lsws/php80-site sudo chown -R nobody:nogroup /usr/local/lsws/php74-site sudo chown -R nobody:nogroup /usr/local/lsws/php80-site

Create an index.php test file in each directory:

sudo nano /usr/local/lsws/php74-site/index.php

Add the following content:

<?php phpinfo(); ?>

Create an identical file in the php80-site directory.

5.2. Create Virtual Hosts via Admin Interface

  1. Log into OpenLiteSpeed Admin Console.
  2. Navigate to "Virtual Hosts" → Click "Add" button.
  3. Virtual Host Name: Enter php74-site.
  4. Virtual Host Root: Set to /usr/local/lsws/php74-site.
  5. Keep other settings default, click "Save".
  6. Repeat to create another virtual host named php80-site with root directory /usr/local/lsws/php80-site.

5.3. Configure Script Handlers for Virtual Hosts

  1. In the "Virtual Hosts" list, click your newly created php74-site to configure it.
  2. Find the "Script Handler" section.
  3. Click the "Add" button.
  4. Suffix: For example, php (to handle all .php files)
  5. Handler: Select lsphp74 from the dropdown menu.
  6. Click "Save".
  7. Similarly, add a script handler for the php80-site virtual host with suffix php and handler lsphp80.

5.4. Configure Listeners and Assign Virtual Hosts

  1. Navigate to "Listeners""Default" (or create a new listener for your virtual hosts).
  2. In the "Virtual Host Mappings" section, ensure your php74-site and php80-site are mapped to this listener via domain or context. The common approach is:
    • Keep the default listener for main traffic and distinguish virtual hosts by domain name.
    • Set the respective domain names in each virtual host's configuration.

5.5. Change Default HTTP Port (Optional)

To use port 80 instead of the default 8088:

  1. Navigate to "Listeners""Default".
  2. Click the "Edit" icon next to address settings.
  3. Change Port from 8088 to 80.
  4. Click "Save", then restart OpenLiteSpeed.

6. Restart Services and Verify Installation

After completing all configurations, restart OpenLiteSpeed to apply changes:

sudo systemctl restart lsws

Verification Steps:

  1. Access Websites: Visit your server IP or configured domains pointing to PHP 7.4 and PHP 8.0 websites. Check the phpinfo() page to confirm the correct PHP version is displayed.
  2. Verify Memcached: Create a PHP file in your website directory using the Memcached test code mentioned earlier to check if LSMCD is working.
  3. Test ModSecurity: Attempt to access a suspicious URL, like http://your-domain/?exec=/bin/bash. If ModSecurity is working, you should receive a 403 Forbidden error.

7. Troubleshooting and Optimization Tips

  • Permission Issues: Always ensure your website directories (e.g., /usr/local/lsws/php74-site) are owned by the user OpenLiteSpeed runs as (typically nobody:nogroup).
  • Check Logs: When encountering issues, first check the logs. OpenLiteSpeed logs are typically located at /usr/local/lsws/logs/, including error.log and access.log. ModSecurity audit log paths are defined in its configuration file.
  • Firewall: Ensure your firewall allows traffic on ports 80 (HTTP), 443 (HTTPS, if SSL configured), 7080 (admin console), etc.
  • Performance Optimization: Adjust OpenLiteSpeed's worker processes and maximum connections, plus LSMCD's cache size and connections based on your server hardware (CPU, RAM).
  • ModSecurity Rule Tuning: Using OWASP CRS default rules might cause false positives or impact performance. Carefully configure exclusion rules (EXCLUSION RULES) in production environments.

Conclusion

Congratulations! You've successfully set up a powerful OpenLiteSpeed web server environment on Ubuntu 20.04 with multiple PHP version support, high-performance LSMCD caching, and ModSecurity protection. This environment delivers excellent performance and security for both development and production use.

Encountering issues during setup is normal. Consult official documentation and log files—you'll always find solutions.

Copyright Information: This article was first published on MGREI. Please retain this attribution when sharing.

SEO Keywords and Description

Keywords: Ubuntu 20.04, OpenLiteSpeed, PHP 7.4, PHP 8.0, LSMCD, Memcached, ModSecurity, OWASP CRS, Web Server, Setup Tutorial, Performance Optimization, Server Configuration, LiteSpeed Caching, Multiple PHP Environments

Description: This comprehensive tutorial provides step-by-step instructions for installing and configuring OpenLiteSpeed with PHP 7.4, PHP 8.0, LSMCD (Memcached), and ModSecurity on Ubuntu 20.04, helping you build a high-performance, secure web server environment with multiple PHP version support.

This author has not provided a description.
Last updated on 2025-09-20