Maybe help anybody a little with set them, OpenLiteSpeed with Wordpress sites + Wordfence plugin.
Wordfence free with combination of other security plugins can you get very hard security. Monthly help with 160-220 million attacks in the world: https://prnt.sc/uf2n0i
Step 1:
Update the system with root user-
Debian with "apt-get update" and "apt-get upgrade"
Ubuntu with "apt update" and "apt upgrade"
CentOS with Yum update... etc.
Step 2:
Install OpenLiteSpeed 1.6.15 (this version work with LSPHP 74)
Step 3:
Test the sites if working, when no, try in WP-Config.php the "localhost" change to "127.0.0.1".
Try delete the the site (not the directory!) and re-create him https://prnt.sc/uf1rxz .
First time 1 of 9 sites what I hosted only one not run immediately, only load the default page, but after re-create and after waiting 5-10 minutes loaded in. (Maybe a CloudFlare purge cache help or don´t know)
Step 4 (Install and activate the plugin before set Wordfence WAF!):
Wordfence security plugin not loading, there are 2 way to run it, use what you love A or B (I prefer A):
A.) Separately insert to the OLS configuration file:
"php_value auto_prepend_file /www/wwwroot/your-domain.com/wordfence-waf.php",
here under phpIniOverride: https://prnt.sc/uf1hib (thx to KrzysztofMaciejewski)
or
B.) Insert to the end of PHP configuration all your sites like this https://prnt.sc/uf1jdj :
[HOST=domain1.com]
auto_prepend_file = '/www/wwwroot/domain1.com/wordfence-waf.php'
[HOST=domain2.com]
auto_prepend_file = '/www/wwwroot/domain2.com/wordfence-waf.php'
[HOST=domain3.com]
auto_prepend_file = '/www/wwwroot/domain3.com/wordfence-waf.php'
[HOST=domain4.com]
auto_prepend_file = '/www/wwwroot/domain4.com/wordfence-waf.php'
After it, restart the OLS or PHP, what you set. Best is server restart after upgrade.
Step 5 (optimizing server):
The OpenLiteSpeed have integrated Anti-DDOS system and when detect heavy script load, automatically kicking his *ss off.
So set it A-D all:
A.) Disable Wordfence automatically update, uncheck it: https://prnt.sc/uf1wik
When he alone downloading, OLS can interrupt in the half of updating, probably get you only white screen. Update him only from Plugins page.
B.) Check the "Bypass the noabort check": https://prnt.sc/uf2ahq
C.) Check "Use Low resource scanning": https://prnt.sc/uf31z7
D.) Insert into a .htaccess file any one of these 3 setting: https://www.wordfence.com/help/advanced/system-requirements/litespeed/
I use last, one line code:
SetEnv noabort 1
E.) This step only when you coming from Nginx, you need set .htaccess file with these lines too:
https://prnt.sc/uf2edj
Copy from: https://wordpress.org/support/article/htaccess/
Step 6 (only for security, you can skip it):
A.) Change the 7080 port to another any one, find the file:
/usr/local/lsws/admin/conf/admin_config.conf
Screenshot:
https://prnt.sc/uf20nk
Then restart OLS.
B.) Change the default name of Admin and password for the OLS panel:
SSH terminal:
/usr/local/lsws/admin/misc/admpass.sh
C.) Open the port in aaPanel:
https://prnt.sc/uf238h
Then you can access your OLS panel (use format IP : PORT like: 100.100.200.200:11111). There is Live statistics and more: https://prnt.sc/uf2k0k .
Step 7:
Update the cURL and OpenSSL.
In aaPanel when you manually run the test, will be aborted, Wordfence support team say, need it update. So we wait for Jose writing back.
This problem is not with the OLS only, with Nginx I get aborted test too. The scan need your PHP files to compare with the original files in repository and warn you if are there any change.
Step 8 (only if have 1 or more site what using Cloudflare):
Open in aaPanel the OLS plugin and there change the lines https://prnt.sc/v19i7f :
accessControl{
allow ALL
deny
}
To:
accessControl {
allow ALL, 103.21.244.0/22T, 103.22.200.0/22T, 103.31.4.0/22T, 104.16.0.0/12T, 108.162.192.0/18T, 131.0.72.0/22T, 141.101.64.0/18T, 162.158.0.0/15T, 172.64.0.0/13T, 173.245.48.0/20T, 188.114.96.0/20T, 190.93.240.0/20T, 197.234.240.0/22T, 198.41.128.0/17T, 199.27.128.0/21T
}
When you have any own proxy server before your server, add his IP address too to the end of line. Don´t forget to restart OLS.
("Once enabled, your access logs will show the correct IP addresses and even PHP’s $_SERVER['REMOTE_ADDR'] variable will contain your visitors’ real IP addresses instead of a CloudFlare IP address. This will resolve most problems that might occur when enabling CloudFlare on PHP-enabled web sites (like WordPress or vBulletin installations).")