Results 1 to 21 of 21
  1. #1

    Is it always better to keep PHP version up to date?

    I jusf found that there are quite a few vulnerabilities in the past version of PHP.

    So I wonder if it is always a better choice to keep PHP version up-to-date, if regardless of scripts compatibilities?

    Is there any no-good to keep it up to date?

    Does this law also apply to MySQL version?

    Many thanks in advance.
    -none-

  2. #2
    Join Date
    May 2011
    Location
    /root
    Posts
    630
    What control panel are you running?
    || Tecsys Solutions LLC | Outperforming the Performers!! ||
    || Outsourced Server Management and Technical Support Solutions ||
    || Now Offering Secure Managed VPS and Dedicated Servers specially setup for Hosting Providers ||
    || https://www.24x7TechnicalSupport.net || https://www.mxv.net ||

  3. #3
    Join Date
    Dec 2005
    Posts
    3,110
    Where have you installed PHP from?

    If you are using a package included with your linux distro for example, those packages will have security packages backported so will have a differnt build version to the official releases on php.net.

    Personally I always run the latest version of the previous tree until support is ended, then I move onto the next one. e.g. Right now PHP 5.5.x is the latest, and PHP 5.4.x is still being maintained, so we use the latest version of PHP 5.4 on all of our servers.

  4. #4
    Join Date
    Jul 2012
    Posts
    52
    Always read the change log, but usually third level updates don't brake any scripts.

  5. #5
    updates are meant to take care of vulnerabilities in previous versions.

    I think before a new release is made, there should be a bug realized in the previous editions.

    Though most users customize older versions and even use them longer than can be supported, I did advice if you depend so much on core PHP, to keep to he most up-to-date versions.
    █▌ Cheapest Domain Registration Service & Shared Hosting Solutions .
    █▌ Skrill, Perfect Money, AdvCash, Webmoney,Monero, Neteller, BitCoin, Payeer, Crypto.
    █▌ Instant Domain Name Registration - Over 700+ Extensions x3reg.com!

  6. #6
    If your application is compatible with the new versions there is no reason not keeping PHP updated.
    Innovative Monitoring Solutions - Xitoring
    Linux Server Monitoring | Windows Server Monitoring
    Uptime Monitoring | Status Page | SSL Monitoring | API Monitoring

  7. #7
    Well if you are not concern of any script compatibilities then yes its always better to use the latest production ready version of PHP and that goes to any software you are using. Not only you will get vulnerability fixes, you will be able to benefit to the new features and optimization included in the update.

    If nothing is stopping you to update. then update

  8. #8
    Join Date
    Mar 2003
    Location
    /root
    Posts
    23,991
    Moved > Hosting Security and Technology.

    Specially 4 U
    Reseller Hosting: Boost Your Websites | Fully Managed KVM VPS: 3.20 - 5.00 Ghz, Pure Dedicated Power
    JoneSolutions.Com is on the net 24/7 providing stable and reliable web hosting solutions, server management and services since 2001
    Debian|Ubuntu|cPanel|DirectAdmin|Enhance|Webuzo|Acronis|Estela|BitNinja|Nginx

  9. #9
    Join Date
    Jun 2011
    Location
    Indonesia
    Posts
    1,776
    For me
    I would better to use most recent STABLE version
    Usually new release php version have some bug.

  10. #10
    Join Date
    May 2013
    Location
    India
    Posts
    747
    Compatibility is the headache when we do PHP upgrades. If all your scripts can work fine with latest PHP, it is fine to upgrade.

  11. #11
    Join Date
    Feb 2011
    Posts
    129
    The best solution would be to support multiple PHP versions at once.

  12. #12
    Join Date
    Nov 2009
    Location
    USA
    Posts
    731
    I was told by a osting company that they can't do this on a dedicated server. Yet I have an account with another hosting provider that is able to do this.

    How can you run 2 install of PHP on a dedicated server and let the client choose which one to use?
    Energized Web Hosting
    VPS Hosting | Shared Hosting | Reseller Hosting | Domain Names

  13. #13
    Join Date
    Feb 2011
    Posts
    129
    Quote Originally Posted by energizedit View Post
    I was told by a osting company that they can't do this on a dedicated server. Yet I have an account with another hosting provider that is able to do this.

    How can you run 2 install of PHP on a dedicated server and let the client choose which one to use?
    It depends on how PHP is configured and are we talking about CPanel server?

  14. #14
    Join Date
    Mar 2005
    Location
    Ten1/0/2
    Posts
    2,529
    It is pretty easy to have multiple versions of PHP available. We offer 4 different versions.
    CPanel Shared and Reseller Hosting, OpenVZ VPS Hosting. West Coast (LA) Servers and Nodes
    Running Linux since 1.0.8 Kernel!
    Providing Internet Services since 1995 and Hosting Since 2004

  15. #15
    No CP.

    I installed PHP and MySQL using an all-in-one script from lnmp.org. I don't know if it is safe or not.
    -none-

  16. #16
    Join Date
    May 2013
    Location
    India
    Posts
    747
    It is easy to use multiple PHPs with Nginx as well. Compile in multiple PHPs with FPM and tweak the configuration of each Virtualhost to use preferred PHP version.

  17. #17
    Join Date
    Dec 2013
    Location
    Sydney, Australia
    Posts
    15
    If customers have access to the web server YES - always use the latest version of PHP. Unsupported/non-updated versions should not be used.

    If only you have access to the web server then it's not too big of a deal, however, software that uses older versions of PHP usually are those that aren't being updated anymore, which means they probably have security issues in them anyway! So as long as the software you're running on PHP is up to date then that is fine in this case!

    What you really have to worry about is that your web server itself is up to date, which in your case is nginx.

  18. #18
    Join Date
    Mar 2005
    Location
    Ten1/0/2
    Posts
    2,529
    Quote Originally Posted by mark_hughes View Post
    If customers have access to the web server YES - always use the latest version of PHP. Unsupported/non-updated versions should not be used.

    If only you have access to the web server then it's not too big of a deal, however, software that uses older versions of PHP usually are those that aren't being updated anymore, which means they probably have security issues in them anyway! So as long as the software you're running on PHP is up to date then that is fine in this case!

    What you really have to worry about is that your web server itself is up to date, which in your case is nginx.
    That is complete and utter rubbish! If you are concerned about security running an old version, then If you expose it online you are potentially at risk doesn't matter who locally has access once you are executing code with an old version.
    CPanel Shared and Reseller Hosting, OpenVZ VPS Hosting. West Coast (LA) Servers and Nodes
    Running Linux since 1.0.8 Kernel!
    Providing Internet Services since 1995 and Hosting Since 2004

  19. #19
    Join Date
    Apr 2013
    Location
    At My Desk
    Posts
    598
    If you have 100s of customers on the server, i would say no because a lot there sites will stop working.
    Been running a successful independent web hosting company for over 13 years

  20. #20
    Join Date
    Dec 2013
    Location
    Sydney, Australia
    Posts
    15
    Quote Originally Posted by RRWH View Post
    That is complete and utter rubbish! If you are concerned about security running an old version, then If you expose it online you are potentially at risk doesn't matter who locally has access once you are executing code with an old version.
    PHP is executed not via the public network, but by scripts. So your web server and the scripts running on PHP is what causes the security issues. Unless you're running PHP's built in HTTP server.

    .. and of course it's always better to have everything updated.

  21. #21
    Join Date
    Nov 2010
    Location
    Manila, Philippines
    Posts
    108
    I just instructed my VPS company to upgrade PHP into 5.3.27 but after upgrading loads of problem rose. Specially about the shortcodes in Wordpress. So I just instructed them to revert back to the previous version since I will lose all the functionalities in my site if I maintained it.
    Extreme SEO Philippines - Reliable SEO in Philippines with Proven Track Record
    Also Offer Social Media Optimization Service

Similar Threads

  1. how to run php file if file version is less than website php version
    By fsdgw563573 in forum Programming Discussion
    Replies: 2
    Last Post: 02-19-2013, 11:46 AM
  2. Problem of old php version script at new version hosting
    By globalcashsite in forum Programming Discussion
    Replies: 11
    Last Post: 01-23-2013, 10:44 AM
  3. Cpanel Version Number and last date of updates????
    By mouseattack in forum Hosting Security and Technology
    Replies: 4
    Last Post: 03-23-2005, 11:08 AM
  4. why system date and php date are different
    By e-view in forum Hosting Security and Technology
    Replies: 1
    Last Post: 10-08-2004, 03:28 AM
  5. PHP date and server date are different!
    By vovanus in forum Programming Discussion
    Replies: 2
    Last Post: 09-22-2004, 12:35 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •