So, RedHat Enterprise Linux doesn't support the MCrpyt module, but you can get it from the Fedora project through the EPL. This would work fine, except the fact that we're using SoftWare Collections (SCL) to get a newer version of PHP (5.4).
So what is the best approach to getting the dependencies for laravell on RHEL 6.6 and keeping PHP 5.4 in the most vendor supported way possible?
About mcrypt, libmcrypt is a dead project, unmaintained for ~8 years, last version 2.5.8 was released in February 2007!... and despite lot of open tickets, no activity. Cryptography is a very important part of security management. Looking at the past, and issue discovered / fixed in various software, and the need to always increase security standards, and to drop old algorithms, how can we imagine using an 8 years old software ?
More, http://blog.remirepo.net/post/2015/07/07/About-libmcrypt-and-php-mcrypt
This explain why php-mcript is not part of RHEL/RHSCL official packages.
Additional packages for php54 collection (including php54-php-mcrypt) are available on https://www.softwarecollections.org/en/scls/remi/php54more/
And FYI, Laravel 5.1 doesn't requires mcrypt anymore.
Related
According to the PHP documentation on unsupported branches
using [unsupported branches of PHP] may expose you to security vulnerabilities and bugs that have been fixed in more recent versions of PHP.
Debian 11, the current stable release, comes with PHP 7.4. which according to the PHP documentation on supported versions ceased being actively supported 6 months ago and will only be supported for security for another 5 months. I assume this means that in 5 months time, which seems like a short time in the life of a production web server, PHP 7.4 will be considered as unsupported by the official PHP organization.
What should I do in order to set up a Debian server for a secure production PHP website?
My current best idea is to set up Apache on Debian 11 and import an 'unofficial' repository from Ondřej Surý who seems to have a good reputation for producing reliable PHP packages. Then I should be able to install PHP 8 from his repository.
Another idea would be to use PHP 7.4 with Debian 11 now and upgrade to Debian 12 assuming it ships with PHP 8. That would presumably be the safest approach theoretically but in practice sounds like a lot of admin with scope for a lot of problems.
I have seen quite a lot of advice which strongly urges users not to install software from repositories that do not ship with the distro. This wiki from Debian is an example.
Are there more sensible alternatives? If so what are they? If not which of my ideas should I pursue?
What would be the best version to install 7.4 or 8.08? All I want to do is make a basic website, so I know 7.4 will suffice. Just curious if there is anything big I'm missing out on, I also cannot find where to install 8.08
Always prefer installing the latest version of the php as many things get deprecated in the older version and after some time some libraries may stop supporting your php version and you may not able to integrate your third party services. Also try to keep your software upgraded to the latest version. Also I feel mamp gives update really late. Some of the tasks are easy to do in mamp like port change and all but if you prefer xampp than you can get the latest version. but everything has their prons and cons. Xampp doesn't allow upgrading to latest version but mamp does so if you want to upgrade in xampp than you have to again install it.
Is Zend Framework 2 work with PHP version 5.3.2?. During the skeleton application installation i got following message.Is this just a warning or it will cause any problem in future?
D:\web\Apache24\htdocs\zendsample>composer create-project -n -sdev zendframework
/skeleton-application D:\web\Apache24\htdocs\zendsample
Your version of PHP, 5.3.22, is affected by CVE-2013-6420 and cannot safely perf
orm certificate validation, we strongly suggest you upgrade.
Installing zendframework/skeleton-application (2.4.11)
Make thinks short :
With PHP 5.3 you'll not able to use Traits and new features php 5.4 wich is used in most of vendor plugin and the framework itself.
Usually it's strongly recommanded to upgrade your PHP version.
From this link PHP version maintained PHP 5.3 is no longer maintained since 2014. It's antique. You'll be face to security issues and no evolution of your code will be possible.
To answer your question :
You'll not able to use traits
You'll faceing security issues
You'll not able to improve your code withe best practises (wich evolves permanently)
your views can't use short version for echoing stuff <?='toto'?>
All new features linked above are not supported with your version if it's used in the framework, you'll can't run the framework itself.
I recommend upgrade your version at least at 5.6 or 7 for a good longevity support
EDIT : 5.5 to 5.6 because 5.5 no longer supported.
After getting this message i just upgraded my php to 5.5.
We are currently looking at starting more consistent updates on our servers and want to be running the most current packages that are considered stable as possible. We run mainly Centos 6 servers with a few Centos 5 servers that need to be rebuilt/replaced in the near future. One of the servers in particular we are looking to update needs MySQL 5.5 and PHP 5.5 for the application running on it. It currently has the base yum repo on a Centos 6 machine and we are looking at using remi and epel as additional repos for more current packages.
When evaluating the processes and procedures we want to start using for these updates, we are looking at doing REMI Repository installations or getting the source code or RPMs from the vendors to do the updates. A couple of the questions that were asked by our superiors were:
Are the RPMs signed?
Is any testing or validity of the installations packages done prior to the release?
We were able to answer the first one from the remi website documentation with a yes.
We are mainly in need of documentation answering the second question posed to us. We have searched for a while now and have not found anything answering this question to date, and from a search of the stackoverflow posts I have not seen anything along these lines either.
Any assistance in finding documentation with an answer would be greatly appreciated.
Software Collections repository (maintained by Red Hat) is probably what you want:
https://www.softwarecollections.org/en/scls/
It have all of PHP 5.5, MySQL and MariaDB 5.5. E.g. for php55 it says "Ready for production deployments.".
I'm trying to get PCI Compliance for my dedicated server (Red Hat Enterprise Linux), which is running Magento. When I first installed Magento on the server, I realized that RHEL comes with a PHP version which is too old for Magento (5.1.6). So, I found a separate repo with PHP version 5.2.11, which got everything running fine, but now I'm in a bind. My PCI Compliance test says that since my PHP version is < 5.3.1 it has security issues. If I try to update to 5.3.1, Magento breaks. I don't want to edit the Magento core to fix those problems, so I guess what I need is a repo with PHP 5.2.11, but that I can confidently say/prove has back-ported to patch up the issues that the PCI Compliance scan identifies.
I realize this is terribly convoluted, but if you have any suggestions/tips I'd be happy to hear them.
Thanks.
If you are using 5.2.11, that is the current stable version of the 5.2 branch so you would be safe from a PCI perspective (it should be the same as saying I'm running Office 2003 with all the service packs). There won't be any backporting issues as 5.3 and 5.2 are two different sets of code. Bugs in 5.3 will not necessarily affect 5.2 and vice versa.
This is unlike kernels, where Redhat will regularly backport patches. Redhat keeps all the CVE's updated with this information.