cPFence · February 10, 2026 11:09 · Oct 20, 2024 · Oct 19, 2024
diff --git a/ols_optimize.sh b/ols_optimize.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 
-# Written by: cPFence Team / cPFence.app
+# Written by: cPFence Team / https://cpfence.app/
 #
 # Description:
 # This script is designed to automate the optimization and configuration of OpenLiteSpeed 

diff --git a/ols_optimize.sh b/ols_optimize.sh
@@ -0,0 +1,170 @@
+#!/bin/bash
+
+# Written by: cPFence Team / cPFence.app
+#
+# Description:
+# This script is designed to automate the optimization and configuration of OpenLiteSpeed 
+# running inside a Docker container or directly on the host. It backs up the existing 
+# configuration file, applies updates to critical server settings such as worker processes, 
+# CPU affinity, memory buffer sizes, and external application configurations for PHP-LSAPI. 
+# MD5 checksum validation is added to detect changes and prevent redundant updates.
+# 
+# Usage:
+# Simply configure the global variables below to match your desired settings and run the script.
+# The script will handle the rest, including backups, applying updates, and restarting the server.
+#
+# Note for Enhance Control Panel (CP) users:
+# If you are using Enhance CP, you will need to set up a cron job to run this script every minute.
+# This ensures your settings are maintained, as Enhance CP may override them. Setting up the cron
+# job guarantees the script re-applies your configurations regularly to prevent any unwanted changes.
+#
+# Example Cron Job:
+# * * * * * /path/to/your/ols_optimize.sh
+#
+# Disclaimer:
+# This script is provided "as is" without any warranties of any kind, express or implied. 
+# It is recommended to thoroughly test this script in a non-production environment prior to 
+# deployment on any live or critical systems. cPFence and Linkers Gate LLC are not liable for 
+# any damage or data loss resulting from the use of this script.
+#
+# License: Copyright (C) 2023 - 2024 Linkers Gate LLC.
+
+# Global Variables (User configurable)
+HTTPD_WORKERS="16"
+CPU_AFFINITY="1"
+ENABLE_LVE="0"
+IN_MEM_BUF_SIZE="512M"
+MAX_CONNECTIONS="100000"
+MAX_SSL_CONNECTIONS="100000"
+SND_BUF_SIZE="512k"
+RCV_BUF_SIZE="512k"
+TOTAL_IN_MEM_CACHE_SIZE="512M"
+MAX_MMAP_FILE_SIZE="64M"
+TOTAL_MMAP_CACHE_SIZE="512M"
+# AIO settings mapping (numbers correspond to options in the OpenLiteSpeed admin panel)
+USE_AIO="3"   # 3 = io_uring (Refer to the OLS admin panel for other options and their corresponding numbers)
+AIO_BLOCK_SIZE="3"  # 3 = 512K (Check the OLS admin panel for other block size options and their respective numbers)
+PHP_LSAPI_CHILDREN="500"
+LSAPI_AVOID_FORK="0"
+LSPHP_MAX_CONNS="500"
+LSPHP_AUTOSTART="2"
+
+# Using Enhance v12 option (set to 'on' if running directly on the host)
+Using_Enhance_v12="off"  # Options: "on" or "off"
+
+### DO NOT EDIT BELOW THIS LINE ###
+
+CONTAINER_NAME="openlitespeed"
+CONFIG_PATH="/usr/local/lsws/conf/httpd_config.conf"
+BACKUP_DIR="/usr/local/lsws/conf/"
+BACKUP_FILE="httpd_config_backup-$(date +"%d%m%y-%H%M%S").conf"
+MD5_FILE="/usr/local/src/ols_config_md5sum.txt"
+
+# Check if Using_Enhance_v12 is on or off and adjust the docker command accordingly
+if [ "$Using_Enhance_v12" = "on" ]; then
+    docker_cmd=""
+else
+    docker_cmd="docker exec $CONTAINER_NAME "
+fi
+
+# welcome message
+display_welcome()
+{
+    echo "**********************************************************************************************"
+    echo "*                                  cPFence Web Security                                      *"
+    echo "*                            OpenLiteSpeed Optimization Script                               *"
+    echo "*                         Copyright (C) 2023 - 2024 Linkers Gate LLC.                        *"
+    echo "**********************************************************************************************"
+}
+display_welcome
+
+# Step 1: Calculate the current MD5 hash of the config file
+CURRENT_MD5=$(${docker_cmd}md5sum $CONFIG_PATH | awk '{print $1}')
+
+# Step 2: Check if the MD5 file exists and compare hashes
+if test -f "$MD5_FILE"; then
+    STORED_MD5=$(cat $MD5_FILE)
+
+    if [ "$CURRENT_MD5" == "$STORED_MD5" ]; then
+        echo "No changes detected in the configuration. Exiting..."
+        exit 0
+    else
+        echo "Configuration has changed, applying updates..."
+    fi
+else
+    echo "No MD5 file found, applying updates..."
+fi
+
+# Step 3: Backup the current configuration
+${docker_cmd}cp -a $CONFIG_PATH $BACKUP_DIR$BACKUP_FILE
+echo "Backup created: $BACKUP_DIR$BACKUP_FILE"
+
+# Step 4: Function to add or replace config values in specific sections
+update_or_add_config() {
+    SECTION=$1
+    PARAMETER=$2
+    VALUE=$3
+
+    # Find the section first, then add or replace the parameter in that section
+    ${docker_cmd}grep -q "$SECTION" $CONFIG_PATH
+    if [ $? -eq 0 ]; then
+        # Check if the parameter exists within the section
+        ${docker_cmd}sed -n "/$SECTION/,/^[^ ]/p" $CONFIG_PATH | grep -q "$PARAMETER"
+        if [ $? -eq 0 ]; then
+            # Parameter exists, replace it within the section
+            ${docker_cmd}sed -i "/$SECTION/,/^[^ ]/ s/\($PARAMETER\s*\).*/\1$VALUE/" $CONFIG_PATH
+            echo "Updated $PARAMETER to $VALUE in $SECTION"
+        else
+            # Parameter doesn't exist, append it to the section
+            ${docker_cmd}sed -i "/$SECTION/a\\        $PARAMETER    $VALUE" $CONFIG_PATH
+            echo "Added $PARAMETER with value $VALUE to $SECTION"
+        fi
+    else
+        echo "Section $SECTION not found."
+    fi
+}
+
+# Step 5: Handle serverName and related settings if missing
+${docker_cmd}grep -q "serverName" $CONFIG_PATH
+if [ $? -ne 0 ]; then
+    ${docker_cmd}sed -i "1i serverName\n" $CONFIG_PATH
+    echo "Added serverName block at the top of the file."
+fi
+
+# Add missing httpdWorkers, cpuAffinity, and enableLVE
+update_or_add_config "serverName" "httpdWorkers" "$HTTPD_WORKERS"
+update_or_add_config "serverName" "cpuAffinity" "$CPU_AFFINITY"
+update_or_add_config "serverName" "enableLVE" "$ENABLE_LVE"
+update_or_add_config "serverName" "inMemBufSize" "$IN_MEM_BUF_SIZE"
+
+# Step 6: Update tuning settings
+update_or_add_config "tuning" "maxConnections" "$MAX_CONNECTIONS"
+update_or_add_config "tuning" "maxSSLConnections" "$MAX_SSL_CONNECTIONS"
+update_or_add_config "tuning" "sndBufSize" "$SND_BUF_SIZE"
+update_or_add_config "tuning" "rcvBufSize" "$RCV_BUF_SIZE"
+update_or_add_config "tuning" "totalInMemCacheSize" "$TOTAL_IN_MEM_CACHE_SIZE"
+update_or_add_config "tuning" "maxMMapFileSize" "$MAX_MMAP_FILE_SIZE"
+update_or_add_config "tuning" "totalMMapCacheSize" "$TOTAL_MMAP_CACHE_SIZE"
+
+# Correct useAIO and AIOBlockSize mappings to 3
+update_or_add_config "tuning" "useAIO" "$USE_AIO"
+update_or_add_config "tuning" "AIOBlockSize" "$AIO_BLOCK_SIZE"
+
+# Step 7: Update external processor settings for lsphp (Correct env values)
+${docker_cmd}sed -i "s/env\s*PHP_LSAPI_CHILDREN=.*/env                     PHP_LSAPI_CHILDREN=$PHP_LSAPI_CHILDREN/" $CONFIG_PATH
+${docker_cmd}sed -i "s/env\s*LSAPI_AVOID_FORK=.*/env                     LSAPI_AVOID_FORK=$LSAPI_AVOID_FORK/" $CONFIG_PATH
+
+# Step 8: Correctly target maxConns in extprocessor lsphp only
+${docker_cmd}sed -i "/extprocessor lsphp {/,/}/ s/maxConns\s*.*/maxConns                $LSPHP_MAX_CONNS/" $CONFIG_PATH
+
+# Update autoStart for lsphp
+update_or_add_config "extprocessor lsphp" "autoStart" "$LSPHP_AUTOSTART"
+
+# Step 9: Save the new MD5 hash of the config file
+${docker_cmd}md5sum $CONFIG_PATH | awk '{print $1}' > $MD5_FILE
+
+# Step 10: Restart OpenLiteSpeed to apply the changes
+${docker_cmd}/usr/local/lsws/bin/lswsctrl restart
+echo "OpenLiteSpeed restarted with updated configuration."
+
+exit 0
No results found