How to Configure LiteSpeed on Linux Server – (Guide 2026)

To configure LiteSpeed on a Linux server, install OpenLiteSpeed or LiteSpeed Enterprise, add PHP (LSAPI), secure the WebAdmin, create a virtual host and listener for your domain, enable HTTPS with Let’s Encrypt, switch on HTTP/3 and Brotli, tune LSCache and PHP, open required firewall ports, and harden security.

This step-by-step guide explains how to configure LiteSpeed on Linux server in 2026 using practical, production-tested steps. You’ll learn editions, installation, SSL, HTTP/3, LSCache, performance tuning, security, and troubleshooting—using clear commands for Ubuntu/Debian and RHEL-based distros. Whether you host WordPress or custom apps, this is your actionable blueprint.

What Is LiteSpeed? (OpenLiteSpeed vs LiteSpeed Enterprise)

LiteSpeed is a drop-in, event-driven web server designed for high concurrency, low latency, and strong compatibility with Apache syntax. It supports HTTP/2, HTTP/3/QUIC, TLS 1.3, LSCache, and PHP LSAPI for exceptional PHP performance.

Choose the right edition

• OpenLiteSpeed (free): Excellent performance, HTTP/3, LSCache (plugin-driven). Suitable for standalone servers. Uses a WebAdmin GUI, supports most .htaccess rules.
• LiteSpeed Enterprise (paid): Near 100% Apache compatibility, drop-in for cPanel/DirectAdmin/Plesk, advanced features, ESI, and premium support. Ideal for hosting control panels and high-traffic multi-tenant hosting.

Prerequisites and System Checklist

• Linux distro: Ubuntu 22.04/24.04, Debian 12, Rocky/AlmaLinux 8/9, or RHEL 8/9.
• Root or sudo SSH access; a clean server is ideal.
• DNS A/AAAA records pointing your domain to the server.
• Open ports: 80/TCP, 443/TCP, 443/UDP (for HTTP/3), 7080/TCP (WebAdmin, temporary).
• Server sizing: 1–2 vCPU and 2–4 GB RAM for small WordPress; scale up for WooCommerce or multisite.

Step-by-Step: Configure LiteSpeed on Linux Server (2026)

Step 1 — Install LiteSpeed (Ubuntu/Debian/RHEL)

Use the official LiteSpeed repository for the latest stable builds.

# Debian/Ubuntu
sudo apt update
sudo apt install -y curl wget ca-certificates
wget -O - https://repo.litespeed.sh | sudo bash
# Install OpenLiteSpeed
sudo apt install -y openlitespeed
# OR install LiteSpeed Enterprise (requires a license)
# sudo apt install -y lsws

# RHEL/CentOS/Rocky/Alma
sudo yum install -y curl wget ca-certificates
wget -O - https://repo.litespeed.sh | sudo bash
sudo yum install -y openlitespeed
# OR Enterprise
# sudo yum install -y lsws

# Set the WebAdmin password (both OLS and Enterprise use lsws admin)
sudo /usr/local/lsws/admin/misc/admpass.sh

# Start and enable service
sudo systemctl enable --now lsws
sudo systemctl status lsws

WebAdmin runs at https://SERVER_IP:7080 by default. You’ll use it to configure listeners, virtual hosts, SSL, and performance settings.

Step 2 — Install PHP (LSAPI) and common extensions

LiteSpeed’s PHP via LSAPI (lsphp) delivers faster, more stable PHP under load than PHP-FPM.

# Install PHP 8.2 (recommended in 2026) with common modules
# Debian/Ubuntu
sudo apt install -y lsphp82 lsphp82-common lsphp82-mysql lsphp82-curl lsphp82-zip lsphp82-xml lsphp82-mbstring lsphp82-gd lsphp82-opcache

# RHEL family
sudo yum install -y lsphp82 lsphp82-common lsphp82-mysql lsphp82-curl lsphp82-zip lsphp82-xml lsphp82-mbstring lsphp82-gd lsphp82-opcache

# PHP binary path (OLS/Enterprise default):
# /usr/local/lsws/lsphp82/bin/lsphp

In WebAdmin: Server Configuration → External App → Add “LiteSpeed SAPI App”. Set:

• Name: lsphp82
• Address: uds://tmp/lshttpd/lsphp.sock
• Max Connections: 35–100 (size to CPU/RAM)
• Command: /usr/local/lsws/lsphp82/bin/lsphp
• Environment: PHP_LSAPI_CHILDREN=50, LSAPI_AVOID_FORK=1 (tune as needed)

Map the script handler: Server Configuration → Script Handler → Add “suffix: php” with Handler Type “LiteSpeed SAPI” and choose lsphp82.

Step 3 — Open firewall ports (and SELinux)

# UFW (Ubuntu/Debian)
sudo ufw allow 80/tcp
sudo ufw allow 443/tcp
sudo ufw allow 443/udp   # HTTP/3/QUIC
sudo ufw allow 7080/tcp  # WebAdmin (temporary)
sudo ufw reload

# firewalld (RHEL family)
sudo firewall-cmd --permanent --add-service=http
sudo firewall-cmd --permanent --add-service=https
sudo firewall-cmd --permanent --add-port=443/udp
sudo firewall-cmd --permanent --add-port=7080/tcp
sudo firewall-cmd --reload

# SELinux: allow web to bind HTTP/HTTPS (if enforcing)
sudo setsebool -P httpd_can_network_connect 1

Step 4 — Secure and access WebAdmin

• Login: https://SERVER_IP:7080 using the admin credentials you set.
• Change the admin listener to bind 127.0.0.1 and access via SSH tunnel for production:

# Local machine example:
ssh -L 7080:127.0.0.1:7080 user@server-ip

• Disable external access or restrict by IP (WebAdmin → WebAdmin Settings).
• Set strong password policies and rotate periodically.

Step 5 — Create your site (Virtual Host) and Listener

• Create directories:

sudo mkdir -p /var/www/example.com/{public_html,logs}
sudo chown -R nobody:nogroup /var/www/example.com
# On RHEL-based, use nobody:nobody if nogroup is absent

In WebAdmin:

• Virtual Hosts → Add: Set Doc Root “/var/www/example.com/public_html” and Log paths.
• Virtual Hosts → Basic → Enable Rewrite: Yes. Auto Index: No.
• Listeners → Create a listener on 80 → Map the domain (example.com, www.example.com) to your virtual host.
• Add index files: index.php, index.html.

Step 6 — Enable HTTPS with Let’s Encrypt

You can use acme.sh or Certbot. With OpenLiteSpeed, acme.sh integrates smoothly.

# Install acme.sh (as root)
curl https://get.acme.sh | sh -s email=admin@example.com
source ~/.bashrc

# Issue a certificate using webroot
acme.sh --issue -d example.com -d www.example.com -w /var/www/example.com/public_html

# Install cert to LiteSpeed paths
acme.sh --install-cert -d example.com \
--key-file       /usr/local/lsws/conf/example.com.key \
--fullchain-file /usr/local/lsws/conf/example.com.crt \
--reloadcmd     "systemctl reload lsws"

In WebAdmin: Listeners → 443 → SSL tab → set the certificate/key paths above. OCSP Stapling: Enable, and provide the certificate chain if prompted.

Step 7 — Turn on HTTP/3, TLS 1.3, Brotli

• HTTP/3/QUIC: Enable in SSL Listener → QUIC: On. Ensure UDP/443 is open.
• TLS 1.3: Enable and prefer modern ciphers (TLS_AES_128_GCM_SHA256, TLS_CHACHA20_POLY1305_SHA256).
• Compression: Enable Brotli first, keep Gzip as fallback.

Step 8 — Install and configure LSCache (WordPress)

• Install the free “LiteSpeed Cache” plugin in WordPress.
• WebAdmin → Server Configuration → Cache: Enable Cache: Yes.
• Plugin → Enable QUIC.cloud CDN if needed, and turn on page/object cache, browser cache, and image/WebP optimizations.
• For WooCommerce: Enable ESI for cart/checkout fragments to avoid caching dynamic data.

LSCache is a major reason LiteSpeed outperforms Nginx/Apache for WordPress. It integrates server-level caching, smart purges, and HTTP/3 support end to end.

Step 9 — PHP tuning and Opcache

• php.ini path: /usr/local/lsws/lsphp82/etc/php.ini
• Key directives (adjust to RAM/traffic):

memory_limit = 512M
upload_max_filesize = 128M
post_max_size = 128M
max_execution_time = 120

; Opcache
opcache.enable=1
opcache.enable_cli=1
opcache.memory_consumption=256
opcache.max_accelerated_files=20000
opcache.validate_timestamps=0
opcache.save_comments=1

In lsphp external app, tune PHP_LSAPI_CHILDREN (start ~50) and Max Connections to match CPU. Monitor with top/htop and adjust to prevent memory pressure.

Step 10 — Log rotation and observability

• Logs: /usr/local/lsws/logs/error.log, /var/www/example.com/logs/access.log.
• Enable daily rotation (WebAdmin → Server Log/Virtual Host Log → Rotate).
• Systemd journal: systemctl status lsws; live tail via journalctl -fu lsws.
• Performance: enable Real-Time Stats in WebAdmin for 5xx spikes, slow requests, and cache effectiveness.

Step 11 — Security hardening

• WebAdmin binding: Restrict to 127.0.0.1 and tunnel via SSH.
• Permissions: chown webroot to a non-privileged user; avoid 777. Typical: 755 dirs, 644 files.
• Headers: Add Security Headers (Content-Security-Policy, X-Frame-Options, X-Content-Type-Options, Referrer-Policy) in vHost context.
• Disable server signature: Server → Tuning → Server Signature: Hide.
• ModSecurity: Enable and load OWASP CRS for WAF-style protection.
• Fail2ban: Ban repeated 401/403 or wp-login attempts using access/error log filters.

Step 12 — Migrate from Apache or Nginx

• Apache: LiteSpeed Enterprise is drop-in for cPanel/DirectAdmin; .htaccess and mod_rewrite are highly compatible.
• OpenLiteSpeed: Supports most .htaccess rules. Ensure “Enable Rewrite” is on. For complex rewrites, migrate into the vHost “Rewrite Rules” area.
• Nginx: Convert server blocks to LiteSpeed listeners and vHosts; replicate proxy/pass rules via Contexts.

Troubleshooting: Quick Fixes

• Port already in use: Another service is on 80/443. Free it or change LiteSpeed listener ports: sudo ss -ltnp | grep :80
• HTTP/3 not detected: Open UDP/443, enable QUIC, and confirm via tools like curl –http3 or online HTTP/3 tests.
• WordPress permalinks 404: Enable Rewrite, ensure .htaccess present, or paste rules into vHost “Rewrite Rules”.
• SSL errors: Verify fullchain and key paths, correct file permissions (600 for key), and reload lsws.
• High CPU during bursts: Increase LSCache hit ratio, add PHP_LSAPI_CHILDREN cautiously, and raise opcache.memory_consumption.

Best Practices and Tuning Tips (2026)

• Prefer PHP 8.2/8.3 for performance and security.
• Use HTTP/3 with TLS 1.3 and Brotli for optimal Core Web Vitals.
• CDN: Pair with QUIC.cloud or another CDN for global latency reduction.
• Object Cache: Redis with LSCache for WooCommerce or membership sites.
• Autoscaling: For spikes, front with a load balancer and multiple LiteSpeed nodes.

Why Choose a Managed Option

If you prefer not to manage repositories, SSL renewals, caching rules, and tuning, YouStable offers LiteSpeed-optimized Linux servers with preconfigured LSCache, HTTP/3, and 24×7 support. We handle performance and security hardening so you can focus on your applications.

Conclusion

Configuring LiteSpeed on Linux server is straightforward and yields immediate gains: faster PHP, built-in HTTP/3, and powerful LSCache. Follow the steps above—install, secure, SSL, enable HTTP/3, tune PHP and cache, and harden the stack—to deliver a high-performance, secure platform ready for WordPress, WooCommerce, or custom apps.

FAQs: Configure LiteSpeed on Linux Server

Is LiteSpeed faster than Nginx or Apache for WordPress?

Yes. With LSCache and PHP LSAPI, LiteSpeed typically delivers lower TTFB and higher requests per second than Nginx (PHP-FPM) or Apache, especially under concurrency. The server-level cache and HTTP/3/QUIC support significantly improve Core Web Vitals for dynamic sites.

How do I enable HTTP/3 in LiteSpeed?

Open UDP/443 in your firewall, then in WebAdmin go to your SSL listener and set QUIC to “Enable.” Ensure TLS 1.3 is active. Verify using curl –http3 or an online HTTP/3 validator.

What’s the difference between OpenLiteSpeed and LiteSpeed Enterprise?

OpenLiteSpeed is free and ideal for single servers; LiteSpeed Enterprise is commercial with near-complete Apache compatibility and tight integration with control panels (cPanel/DirectAdmin/Plesk). Enterprise is recommended for shared hosting and multi-tenant environments.

Which ports must be open for LiteSpeed?

Open 80/TCP and 443/TCP for HTTP/HTTPS. For HTTP/3, also open 443/UDP. WebAdmin uses 7080/TCP (restrict or tunnel in production).

How do I switch PHP versions (lsphp) later?

Install the new version (e.g., lsphp83 and modules), then in WebAdmin change your external app Command to /usr/local/lsws/lsphp83/bin/lsphp, update handlers as needed, and reload lsws. Test in a staging site before switching production.

Next Steps

Deploy LSCache on your CMS, enable HTTP/3, and benchmark with tools like k6, wrk, or PageSpeed Insights. If you want a ready-to-perform stack, consider a LiteSpeed-powered server from YouStable with managed optimization and security.