Known issue Litespeed Cache vs Patchstack blocking connectivity
-
Subject: Urgent: LiteSpeed Cache blocking Patchstack connectivity (confirmed conflict)
Hi LiteSpeed team,
We’ve confirmed that LiteSpeed Cache is the direct cause of Patchstack Security failing to connect/sync. After losing an inordinate amount of time troubleshooting, we can say with certainty that the conflict is not in Cloudflare, the server, ModSecurity, or Wordfence — all return
200 OKon requests.To rule out every other factor, we disabled and re-enabled over 60 plugins one by one. The only scenario where Patchstack connects is with LiteSpeed Cache deactivated. With LSCache active, the connection fails consistently.
We are aware that Patchstack previously published research on LiteSpeed Cache vulnerabilities (e.g. privilege escalation and XSS) and provided vPatches until LiteSpeed’s fixes were issued. While this is not a “traditional” conflict, the way LiteSpeed handles POST/ajax requests (such as
_wcbqueries andadmin-ajax.php) appears to block or interfere with Patchstack’s API communication.We urgently need to resolve this so both plugins can coexist. Could you please confirm:
- Which specific exclusions (URIs, query strings, or ajax calls) are required for Patchstack connectivity?
- Whether additional LSCache features (ESI, Guest Mode, QUIC.cloud integrations, etc.) need adjustments. (We dont have ESI active at the moment but it is planned for testing in the next week)
- If there are known compatibility issues or a roadmap fix to allow Patchstack to function without manual workarounds.
This is not theoretical — we are fully synced at the edge, server, and firewall levels, and Patchstack fails only when LSCache is enabled. Given the time already lost, we’d greatly appreciate urgent guidance.
Thanks,
-
Hi @qtwrk
Thanks for your reply.
The error shown on Patchstack is “Connection to site failed” ~ to be clear. This is after it gives status 200 from edge right through our site. It only refuses to connect due to LS Cache being enabled.
To clarify, the issue happens 100% of the time:
- Expected behavior: Patchstack Central should connect and sync firewall rules/logs.
- Actual behavior: With LSCache enabled, Patchstack shows “site not connected.” As soon as LSCache is deactivated, Patchstack connects instantly.
Key details:
- This has been tested repeatedly. We disabled/re-enabled over 60 plugins. Only LSCache causes the issue, confirmed multiple times.
- Server-level tests (Cloudflare, ModSec, Wordfence, raw server logs, and even direct curl to api.patchstack.com) all return HTTP 200. The connection path is clean.
- We also added the recommended LSCache exclusions (
/wp-admin/admin-ajax.php,/?_wcb=query strings, etc.), but the issue persists. - It happens immediately when LSCache is active, not randomly.
Given that, it seems LSCache is interfering in some way with Patchstack’s connection (possibly via caching or request handling). Can you please escalate this internally so we can get a concrete fix or setting adjustment? This is urgent, as we’ve already lost a significant amount of time troubleshooting.
Thanks,
I will after I gathered enough information.
now I don’t understand , does this error happens when site -> patchstack ? or vice verse on patchstack -> site ? your first phrase indicates it is patchstack to site , but just to confirm
what was the URI the remote attempted to connect to your site that you see on your access log ?
and also please provide the report number , you can get it in LiteSpeed Cache -> toolbox -> report -> click “send to LiteSpeed”
The topic ‘Known issue Litespeed Cache vs Patchstack blocking connectivity’ is closed to new replies.
