AlmaLinuxRHEL Based

How To Install OpenLiteSpeed on AlmaLinux 10

r00t

Install OpenLiteSpeed on AlmaLinux 10

OpenLiteSpeed stands as a powerful, high-performance web server solution that has revolutionized the hosting landscape. As the open-source version of LiteSpeed Web Server Enterprise, it delivers exceptional performance while maintaining ease of use and robust functionality. This comprehensive guide will walk you through the complete installation process of OpenLiteSpeed on AlmaLinux 10, ensuring a smooth and successful deployment.

Table of Contents

What is OpenLiteSpeed?

OpenLiteSpeed represents a cutting-edge web server technology built on an event-driven architecture that significantly outperforms traditional process-based servers like Apache. Unlike conventional web servers, OpenLiteSpeed utilizes an asynchronous, non-blocking I/O model that enables it to handle thousands of concurrent connections with minimal resource consumption.

The web server includes built-in caching mechanisms, HTTP/3 support, and seamless Apache configuration compatibility, making it an ideal choice for modern web applications. Its lightweight footprint combined with enterprise-grade features makes it particularly suitable for both small websites and large-scale deployments.

Why Choose OpenLiteSpeed on AlmaLinux 10?

AlmaLinux 10 provides an enterprise-grade, community-driven operating system that offers long-term stability and security. When combined with OpenLiteSpeed, this combination delivers unmatched performance benefits including faster page load times, reduced server resource usage, and improved user experience.

Performance benchmarks consistently show OpenLiteSpeed outperforming both nginx and Apache in various scenarios, particularly under high-load conditions. The server’s ability to serve static files efficiently while maintaining excellent PHP processing speeds makes it an excellent choice for content management systems and dynamic web applications.

Prerequisites and System Requirements

Hardware Requirements for AlmaLinux 10

Before beginning the installation process, ensure your system meets the minimum hardware requirements. Your server should have a 64-bit x86_64 processor running at minimum 1.1 GHz, though higher specifications are recommended for production environments.

Memory requirements include a minimum of 1.5-2 GB RAM, with 4 GB strongly recommended for production deployments. Storage needs vary depending on your intended use, but allocate at least 10 GB of disk space, with 20 GB recommended for optimal performance and future growth.

Network connectivity is essential for accessing package repositories and downloading necessary components during installation. Ensure your server has a stable internet connection and properly configured DNS settings.

Software Prerequisites

A fresh AlmaLinux 10 installation provides the ideal foundation for OpenLiteSpeed deployment. You’ll need root access or an account with sudo privileges to execute installation commands and configure system settings.

Basic command-line interface knowledge is beneficial for navigating the installation process and performing system administration tasks. While not strictly required, having a registered domain name pointing to your server simplifies SSL certificate configuration and website hosting.

Network and Security Prerequisites

Several network ports must be accessible for OpenLiteSpeed to function properly. Port 22 enables SSH access for server management, while ports 80 and 443 handle standard HTTP and HTTPS web traffic respectively.

Port 7080 provides access to the WebAdmin interface for server configuration, and port 8088 serves the default OpenLiteSpeed welcome page. Consider firewall configuration requirements and implement appropriate security measures to protect these services.

Understanding OpenLiteSpeed Architecture

Core Features and Benefits

OpenLiteSpeed’s event-driven architecture fundamentally differs from traditional web servers by processing requests asynchronously rather than spawning separate processes for each connection. This approach dramatically reduces memory overhead and enables superior scalability.

The server includes advanced caching mechanisms at multiple levels, including server-side caching for dynamic content and intelligent static file serving. These features significantly improve website performance and reduce server load, particularly for high-traffic websites.

Built-in Security Features

Security remains paramount in OpenLiteSpeed’s design philosophy. The server includes integrated ModSecurity support, comprehensive SSL/TLS capabilities, and built-in DDoS protection mechanisms.

Additional security features include request filtering, IP-based access control, and automatic attack prevention systems. These features work together to provide robust protection against common web vulnerabilities and malicious attacks.

Step 1: System Preparation

Updating AlmaLinux 10

Begin the installation process by ensuring your AlmaLinux 10 system is completely up-to-date. This step prevents potential conflicts and ensures compatibility with OpenLiteSpeed packages:

dnf update -y

This command updates all installed packages to their latest versions and applies any available security patches. The process may take several minutes depending on the number of updates available and your internet connection speed.

Installing Required Dependencies

Install essential packages needed for the OpenLiteSpeed installation process. These dependencies include tools for downloading files and managing package repositories:

dnf install -y wget epel-release

The wget utility enables downloading files from remote servers, while epel-release provides access to the Extra Packages for Enterprise Linux repository containing additional software packages required by OpenLiteSpeed.

Configuring System Settings

Optimize your system for web server operations by configuring appropriate timezone settings and hostname resolution. These settings ensure proper logging and system identification:

timedatectl set-timezone UTC
hostnamectl set-hostname your-server-name

Consider adjusting system limits and kernel parameters to accommodate higher connection loads if you anticipate heavy traffic. These optimizations can significantly improve performance under load.

Step 2: Adding OpenLiteSpeed Repository

Repository Installation Methods

OpenLiteSpeed provides multiple methods for adding their official repository to your AlmaLinux 10 system. The automated script method offers the simplest approach:

wget -O - https://repo.litespeed.sh | sudo bash

This command downloads and executes the official repository installation script, automatically configuring your system to access OpenLiteSpeed packages. The script handles GPG key installation and repository configuration seamlessly.

Alternatively, you can manually install the repository package using RPM:

rpm -Uvh http://rpms.litespeedtech.com/centos/litespeed-repo-1.3-1.el8.noarch.rpm

Repository Verification

Verify successful repository installation by checking the available OpenLiteSpeed packages:

dnf search openlitespeed

This command should display available OpenLiteSpeed packages, confirming proper repository configuration. If no packages appear, troubleshoot repository configuration or network connectivity issues.

Step 3: Installing OpenLiteSpeed

Core Installation Process

Install OpenLiteSpeed using the DNF package manager with the following command:

dnf install openlitespeed -y

The installation process automatically handles dependency resolution and installs all necessary components. Monitor the output for any error messages or warnings that might indicate installation issues.

PHP Installation Options

Install PHP 8.1 with essential extensions commonly required for web applications:

dnf install lsphp81 lsphp81-common lsphp81-mysqlnd lsphp81-gd lsphp81-process lsphp81-mbstring lsphp81-xml lsphp81-opcache lsphp81-zip lsphp81-curl lsphp81-json -y

These extensions provide database connectivity, image processing capabilities, string handling functions, and performance optimizations essential for modern web applications.

Compatibility Library Installation

Install the libxcrypt-compat library to resolve potential runtime issues on modern RHEL-based systems:

dnf install libxcrypt-compat -y

This library ensures compatibility between OpenLiteSpeed and the updated cryptographic libraries in AlmaLinux 10, preventing authentication and security-related errors.

Installation Verification

Verify successful installation by checking the OpenLiteSpeed version:

/usr/local/lsws/bin/lshttpd -v

This command displays the installed OpenLiteSpeed version and build information, confirming successful installation and proper binary installation.

Step 4: Initial Configuration

Setting Administrative Password

Configure the WebAdmin console administrator credentials using the built-in password configuration utility:

/usr/local/lsws/admin/misc/admpass.sh

When prompted, enter a username (default is ‘admin’) and create a strong password for accessing the WebAdmin interface. Document these credentials securely as they provide full administrative access to your web server.

Service Management Setup

Configure OpenLiteSpeed as a system service to enable automatic startup and proper service management:

systemctl start lsws
systemctl enable lsws
systemctl status lsws

These commands start the OpenLiteSpeed service, enable automatic startup on system boot, and display current service status. The status output should show “active (running)” indicating successful startup.

Directory Structure Overview

Understanding OpenLiteSpeed’s directory structure facilitates effective administration and troubleshooting:

  • /usr/local/lsws/ – Main installation directory containing binaries and configuration files
  • /usr/local/lsws/conf/ – Server configuration files and virtual host definitions
  • /usr/local/lsws/admin/ – WebAdmin console files and administrative tools
  • /usr/local/lsws/logs/ – Server logs including access logs and error logs

File Permissions and Security

Ensure proper file permissions and ownership for OpenLiteSpeed directories to maintain security while enabling proper functionality. The web server runs under the ‘nobody’ user account by default, requiring appropriate permissions for content directories.

Step 5: Firewall Configuration

Opening Required Ports

Configure firewalld to allow traffic on necessary ports for web server operation:

firewall-cmd --zone=public --permanent --add-port={80/tcp,443/tcp,8088/tcp,7080/tcp}
firewall-cmd --permanent --add-service=http
firewall-cmd --permanent --add-service=https
firewall-cmd --reload

These commands open HTTP (80), HTTPS (443), default page (8088), and WebAdmin (7080) ports while applying the configuration permanently. The reload command activates the new firewall rules immediately.

Security Considerations

Consider restricting WebAdmin port (7080) access to specific IP addresses for enhanced security. Administrative access should be limited to trusted networks or VPN connections in production environments.

Implement additional security measures such as fail2ban for brute force protection and consider using non-standard ports for administrative access to reduce automated attack exposure.

Firewall Rule Verification

Verify firewall configuration by listing active rules and testing connectivity:

firewall-cmd --list-all

This command displays all active firewall rules, confirming proper port configuration and service allowances.

Step 6: Accessing WebAdmin Console

WebAdmin Interface Overview

Access the WebAdmin console by navigating to http://your-server-ip:7080 in a web browser. The interface provides comprehensive server management capabilities including virtual host configuration, performance monitoring, and security settings.

Accept the self-signed SSL certificate warning that appears on first access, as OpenLiteSpeed generates a default certificate for the administrative interface. Plan to replace this with a proper SSL certificate for production use.

Install OpenLiteSpeed on AlmaLinux 10

Interface Navigation and Configuration

The WebAdmin interface organizes configuration options into logical sections including Server Configuration, Virtual Hosts, Listeners, and Real-Time Statistics. Each section provides specific functionality for different aspects of server management.

Navigate through the interface systematically, starting with basic server settings before proceeding to virtual host configuration and advanced features. The dashboard provides real-time performance metrics and system status information.

Install OpenLiteSpeed on AlmaLinux 10

Initial Security Hardening

Configure basic security settings through the WebAdmin interface including access logging, security headers, and connection limits. These settings establish a security baseline for your web server.

Review default configuration settings and adjust them according to your security requirements and performance needs. Document any changes made for future reference and troubleshooting purposes.

Step 7: Creating Virtual Hosts

Understanding Virtual Host Concepts

Virtual hosts enable serving multiple websites from a single OpenLiteSpeed installation by differentiating requests based on domain names or IP addresses. This functionality is essential for hosting multiple sites or applications on one server.

Each virtual host maintains its own configuration including document root, access logs, security settings, and PHP version. This isolation ensures that configuration changes or issues with one site don’t affect others.

Creating Your First Virtual Host

Access the WebAdmin interface and navigate to Virtual Hosts → Add Virtual Host to create a new virtual host configuration. Provide a unique name and specify the document root directory where website files will be stored.

Configure essential settings including index file names, access logging preferences, and security restrictions. These settings determine how the virtual host handles incoming requests and serves content to visitors.

Domain Configuration and Testing

Associate domain names with your virtual host by configuring appropriate mapping in the Listeners section. This configuration tells OpenLiteSpeed which virtual host should handle requests for specific domains.

Test virtual host functionality by creating a simple index.html file in the document root and accessing it through a web browser. Verify that the correct content displays and that server logs record the access properly.

Step 8: PHP Configuration and Optimization

PHP Version Management

OpenLiteSpeed supports multiple PHP versions simultaneously, allowing different virtual hosts to use different PHP versions as needed. This flexibility is particularly valuable for hosting legacy applications alongside modern ones.

Configure PHP handlers for each virtual host through the WebAdmin interface, specifying which PHP version and configuration should process PHP scripts. This granular control enables optimization for specific application requirements.

Essential PHP Extensions

Install additional PHP extensions based on your application requirements:

dnf install lsphp81-bcmath lsphp81-intl lsphp81-soap lsphp81-xmlrpc lsphp81-pspell -y

These extensions provide additional functionality for mathematical operations, internationalization, web services, and other common web application features.

PHP Performance Optimization

Configure PHP settings for optimal performance including memory limits, execution timeouts, and OPcache settings. These optimizations significantly impact application performance and server resource utilization.

Adjust php.ini settings through the WebAdmin interface or by editing configuration files directly. Key settings include memory_limit, max_execution_time, and opcache configuration parameters.

LSAPI Optimization

Configure LSAPI (LiteSpeed Server Application Programming Interface) settings to optimize PHP processing performance. Adjust parameters such as max connections, process lifecycle settings, and memory allocation based on your server resources and traffic patterns.

Step 9: SSL/TLS Configuration

SSL Certificate Options

OpenLiteSpeed supports various SSL certificate types including self-signed certificates for development, Let’s Encrypt certificates for production use, and commercial certificates for enterprise applications.

Choose the appropriate certificate type based on your security requirements, budget constraints, and intended use case. Let’s Encrypt certificates provide free, trusted SSL certificates suitable for most production deployments.

Let’s Encrypt Integration

Install Certbot for automated Let’s Encrypt certificate management:

dnf install certbot -y

Obtain SSL certificates for your domain:

certbot certonly --webroot -w /usr/local/lsws/Example/html -d yourdomain.com

This command generates certificates and private keys that can be configured in OpenLiteSpeed for secure HTTPS connections.

HTTPS Listener Configuration

Configure HTTPS listeners on port 443 through the WebAdmin interface. Specify certificate paths, private key locations, and SSL protocol settings to enable secure connections.

Configure SSL security settings including cipher suites, protocol versions, and HSTS (HTTP Strict Transport Security) to ensure robust security posture.

Certificate Renewal Automation

Set up automatic certificate renewal for Let’s Encrypt certificates to prevent service interruption:

crontab -e
# Add: 0 2 * * 0 certbot renew --force-renew

This cron job automatically renews certificates weekly, ensuring continuous SSL functionality without manual intervention.

Step 10: Performance Optimization

Server-Level Performance Tuning

Optimize OpenLiteSpeed server configuration for maximum performance by adjusting key parameters including connection limits, timeout values, and worker process configuration.

Key parameters to optimize include:

  • Max Connections: Determines maximum concurrent connections
  • Connection Timeout: Controls inactive connection cleanup
  • Keep-Alive settings: Manages persistent connection behavior

Cache Configuration

Configure built-in caching mechanisms to improve response times and reduce server load. OpenLiteSpeed provides multiple caching layers including static file caching and dynamic content caching.

Enable and configure appropriate cache policies based on your content types and update frequencies. Proper caching configuration can dramatically improve website performance and user experience.

Resource Optimization

Optimize memory usage and CPU utilization through careful configuration of buffer sizes, process limits, and I/O settings. These optimizations ensure efficient resource utilization and improved scalability.

Monitor server performance metrics through the WebAdmin interface and adjust configuration parameters based on observed usage patterns and performance bottlenecks.

Step 11: Security Hardening

Access Control Implementation

Implement comprehensive access controls including IP-based restrictions, directory protection, and authentication mechanisms. These controls limit access to sensitive areas and reduce security risks.

Configure .htaccess-style rules through OpenLiteSpeed’s native configuration system to control access to specific directories, file types, or URL patterns.

Security Headers Configuration

Configure essential security headers to protect against common web vulnerabilities:

  • X-Frame-Options: Prevents clickjacking attacks
  • X-Content-Type-Options: Prevents MIME type sniffing
  • X-XSS-Protection: Enables browser XSS filtering
  • Content Security Policy: Controls resource loading

ModSecurity Integration

Install and configure ModSecurity for advanced web application protection against OWASP Top 10 vulnerabilities and other common attacks.

Configure appropriate rule sets and customize detection sensitivity based on your application requirements and false positive tolerance levels.

Step 12: Troubleshooting Common Issues

Installation Problems

Common installation issues include repository access problems, dependency conflicts, and SELinux compatibility issues. Verify internet connectivity, repository configuration, and package availability when encountering installation failures.

Check system logs and installation output for specific error messages that indicate the root cause of installation problems. Address dependency conflicts by updating the system or installing missing packages manually.

Service Startup Issues

Troubleshoot OpenLiteSpeed startup failures by examining service logs and configuration files. Common causes include port binding conflicts, configuration syntax errors, and permission problems.

Use systemctl commands to diagnose service status and check for detailed error messages:

systemctl status lsws -l
journalctl -u lsws

Performance Issues

Identify and resolve performance bottlenecks by monitoring resource usage, analyzing access logs, and adjusting configuration parameters. Common performance issues include memory exhaustion, CPU overutilization, and database connection problems.

Use the WebAdmin interface’s real-time statistics to monitor server performance and identify optimization opportunities.

SSL/HTTPS Problems

Troubleshoot SSL-related issues including certificate validation errors, cipher suite mismatches, and configuration problems. Verify certificate integrity, check domain name matching, and ensure proper file permissions.

Test SSL configuration using online tools and browser developer tools to identify specific issues and validation problems.

Monitoring and Maintenance

Log Management

Implement comprehensive log management including log rotation, analysis, and monitoring. OpenLiteSpeed generates access logs, error logs, and administrative logs that provide valuable insights into server operation and security events.

Configure appropriate log retention policies and implement log analysis tools to identify trends, security issues, and performance problems proactively.

Performance Monitoring

Establish baseline performance metrics and implement ongoing monitoring to detect performance degradation or capacity issues. Regular monitoring enables proactive optimization and capacity planning.

Use built-in monitoring tools and consider third-party monitoring solutions for comprehensive server and application performance tracking.

Security Updates

Maintain current security patches and updates for both OpenLiteSpeed and the underlying AlmaLinux system. Regular updates ensure protection against newly discovered vulnerabilities and maintain system stability.

Implement a structured update process that includes testing in development environments before applying updates to production systems.

Congratulations! You have successfully installed OpenLiteSpeed. Thanks for using this tutorial for installing the OpenLiteSpeed web server on your AlmaLinux OS 10 system. For additional help or useful information, we recommend you check the official OpenLiteSpeed website.

VPS Manage Service Offer
If you don’t have time to do all of this stuff, or if this is not your area of expertise, we offer a service to do “VPS Manage Service Offer”, starting from $10 (Paypal payment). Please contact us to get the best deal!
Tags
r00t
Photo of r00t

r00t

r00t is an experienced Linux enthusiast and technical writer with a passion for open-source software. With years of hands-on experience in various Linux distributions, r00t has developed a deep understanding of the Linux ecosystem and its powerful tools. He holds certifications in SCE and has contributed to several open-source projects. r00t is dedicated to sharing her knowledge and expertise through well-researched and informative articles, helping others navigate the world of Linux with confidence.
Copyright © 2025 idroot.us | All Rights Reserved | Follow us for more Linux tutorials!
Back to top button