Website not loading after being transfered to new LS server.

Scootie

Member
Feb 16, 2020
5
2
3
Romania
cPanel Access Level
Reseller Owner
Hello,

So we had this website of one of our clients moved to a litespeed server because he was having loadtime issues and wanted to give it a try see if it works better.
However, we ended up with a strange issue.

After the transfer which happened in the night we had no problem to access the site from our location with Chrome, Firefox, Comodo, IE 11 or Edge in the morning,
However, the client was unable to access his site with IE11 from his location, had no issue loading with Chrome or Mozilla tough. So we figured it must be a local cache issue and asked to clear cache and see if it works.

It didn't. He has 3 locations in our country from where his offices access the website, none want to load from IE 11. We dont know why he wants to use IE 11 but he is the client so we leave it at that.

Meantime, he installed a new OS(Win 7) on a PC and tried to load his site with IE11(same ISP but over a 3G USB card), didnt work. He has the same ISP as we(I) have at home/work. We tried to access from multiple ISP's his website and it works. Only on his local PC's doesnt work.
We found this problem on the internet that has to do with IE11 and LS.
However, we have Build 8 on that server so it shouldnt be an issue.
 

cPanelLauren

Product Owner
Staff member
Nov 14, 2017
13,295
1,255
313
Houston
Hello, the resolution is also noted in that thread:

Code:
Are you running cPanel and their default cipher suite? If so, Apache and older version of LSWS does not support "CHACHA20-POLY1305", so this configuration has no effect, so the default Apache cipher suite is used and it includes "ECDHE-RSA-AES128-SHA".
No matter which version you're running if you're not including the cipher ECDHE-RSA-AES128-SHA which is known to be weak but disables IE11 he will *NOT* be able to view it. This is discussed further in a more recent litespeed thread here: SSLCipher override

These are considered weak ciphers and should only be used as a last result which is why we purposely chose not to include them:

Security/Server Side TLS - MozillaWiki


and the output from Qualys:

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013) ECDH secp521r1 (eq. 15360 bits RSA) FS WEAK128
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (0xc027) ECDH secp521r1 (eq. 15360 bits RSA) FS WEAK128

Support for IE11 will end completely in v88 of cPanel/WHM and this is noted in our deprecation plan here: cPanel Deprecation Plan | cPanel & WHM Documentation


Also - litespeed is at v5.4 currently, I'd strongly urge you to update your version to get the latest security updates/fixes
 
Last edited: