Results 1 to 17 of 17
  1. #1
    Join Date
    Mar 2009
    Posts
    3,700

    do you use EA4 ?

    Hi,

    i try to upgrade my ea3 to ea4,

    i find it has MultiPHP at cpanel,

    but i had enable Select PHP version on my cloudlinux,

    do you enable both the two one together ?

  2. #2
    Join Date
    Aug 2015
    Posts
    182
    Quote Originally Posted by ttgt View Post
    Hi,

    i try to upgrade my ea3 to ea4,

    i find it has MultiPHP at cpanel,

    but i had enable Select PHP version on my cloudlinux,

    do you enable both the two one together
    ?
    Please explain a bit more?

  3. #3
    Join Date
    Mar 2009
    Posts
    3,700
    Hi,

    my question is,

    do you enable both easyapache4's MultiPHP and cloudlinux's Select PHP ?

  4. #4
    Join Date
    Mar 2003
    Location
    /root
    Posts
    23,991
    No need to enable MultiPHP if you have Cloudlinux.

    Specially 4 U
    Reseller Hosting: Boost Your Websites | Fully Managed KVM VPS: 3.20 - 5.00 Ghz, Pure Dedicated Power
    JoneSolutions.Com is on the net 24/7 providing stable and reliable web hosting solutions, server management and services since 2001
    Debian|Ubuntu|cPanel|DirectAdmin|Enhance|Webuzo|Acronis|Estela|BitNinja|Nginx

  5. #5
    Join Date
    Mar 2009
    Posts
    3,700
    Quote Originally Posted by net View Post
    No need to enable MultiPHP if you have Cloudlinux.
    do you mean disable MultiPHP from package's feature manage?

  6. #6
    Hi,

    Yes, keep only one at a time. CloudLinux would be more preferred over the cPanel multiPHP.
    www.24x7servermanagement.com
    Server Management, Server Security, Server Monitoring.
    India's Leading Managed Service Provider !! Skype: techs24x7

  7. #7
    Join Date
    Mar 2009
    Posts
    3,700
    Quote Originally Posted by Srv24x7 View Post
    Hi,

    Yes, keep only one at a time. CloudLinux would be more preferred over the cPanel multiPHP.

    may i ask why do you think such point ? do oyu make any compare ?

    ok,personally,i also more like cl's selector.

  8. #8
    Join Date
    Dec 2011
    Location
    Netherlands
    Posts
    979
    Quote Originally Posted by Srv24x7 View Post
    Hi,

    Yes, keep only one at a time. CloudLinux would be more preferred over the cPanel multiPHP.
    Actually our users prefer cPanel MultiPHP over the CloudLinux one because they can change it per site level, where CloudLinux is done per account level.
    And looking at actual modules, it's a very small percentage of customers that actually spend their time enabling or disabling modules.

  9. #9
    Join Date
    Mar 2009
    Posts
    3,700
    Hi,

    yes,compare domains part,cPanel MultiPHP has more detail.

    but cloudlinx has ild 5.2 and 5.3,and cpanel does not offer,

    and i ever saw cloudlinux will
    apply patch for those old php version,

    im not sure if cPanel MultiPHP also has those security concern ?

  10. #10
    Join Date
    Dec 2011
    Location
    Netherlands
    Posts
    979
    Quote Originally Posted by ttgt View Post
    Hi,

    yes,compare domains part,cPanel MultiPHP has more detail.

    but cloudlinx has ild 5.2 and 5.3,and cpanel does not offer,

    and i ever saw cloudlinux will
    apply patch for those old php version,

    im not sure if cPanel MultiPHP also has those security concern ?
    cPanel multiPHP doesn't have those security concerns for a very good reason - they shouldn't patch software that is EOL.
    It's fine that CloudLinux offers 5.2 and 5.3 - but be aware that 5.4 was deprecated 1 year ago, 5.3 was deprecated 2 years and 1 month ago, PHP 5.2 being deprecated 5 years and 8 months ago.
    Hosting providers should tell their customers to update their software to be compatible with newer PHP versions.

    Not even 5.5 is officially supported anymore :-)

    I find it weird that hosting providers even want to offer so old versions, they are the ones that should be pro-security, and ask their customers to upgrade their old software.

    So if you really want to be a part of the companies that support EOL software, go ahead, use the CloudLinux PHP Selector - if you require customizable modules for customers use PHP Selector (and hopefully only offer versions that are not EOL) - and if you want flexibility in terms of per site - go for cPanel MultiPHP.

  11. #11
    Join Date
    Sep 2016
    Location
    Brisbane, Australia
    Posts
    20
    Quote Originally Posted by Hosting4Real View Post
    So if you really want to be a part of the companies that support EOL software, go ahead, use the CloudLinux PHP Selector - if you require customizable modules for customers use PHP Selector (and hopefully only offer versions that are not EOL) - and if you want flexibility in terms of per site - go for cPanel MultiPHP.
    While I fully support using the highest PHP version you can (5.6 or higher), CloudLinux does offer HardenedPHP which will make the lower versions somewhat more secure than the standard release: https://www.cloudlinux.com/hardenedphp
    Net Virtue Premium Australian Hosting Solutions
    Web Hosting | VPS Servers | Dedicated Servers | Colocation | Domains | Transit | http://bgp.he.net/AS132680 Multi-homed Brocade powered network.
    P: 1300 885 303 E: sales@netvirtue.com.au W: https://netvirtue.com.au

  12. #12
    - enabling EA4 multiPHP manager and PHP-Selector from CLoudLinux will make things confusing for customers. Better to hide one of them with feature manager. As hardened PHP provides more older versions and clean design - decide hiding MultiPHP manager.

  13. #13
    Join Date
    Jun 2001
    Location
    Princeton
    Posts
    1,029
    Quote Originally Posted by Hosting4Real View Post
    cPanel multiPHP doesn't have those security concerns for a very good reason - they shouldn't patch software that is EOL.
    It's fine that CloudLinux offers 5.2 and 5.3 - but be aware that 5.4 was deprecated 1 year ago, 5.3 was deprecated 2 years and 1 month ago, PHP 5.2 being deprecated 5 years and 8 months ago.
    Hosting providers should tell their customers to update their software to be compatible with newer PHP versions.

    Not even 5.5 is officially supported anymore :-)

    I find it weird that hosting providers even want to offer so old versions, they are the ones that should be pro-security, and ask their customers to upgrade their old software.

    So if you really want to be a part of the companies that support EOL software, go ahead, use the CloudLinux PHP Selector - if you require customizable modules for customers use PHP Selector (and hopefully only offer versions that are not EOL) - and if you want flexibility in terms of per site - go for cPanel MultiPHP.
    Well, let me first explain why Hardened PHP, and why some hosts offer versions 5.1, 5.3 or even 4.4. If your hosting is here for a year or two -- you really don't need it. Yet, once you are established company, with lots of clients, that had been with you for years - you will notice that significant amount of your clients don't upgrade their sites every year.
    They still run using old PHP versions, and upgrading to new one might break their sites. Now, you have few options:
    1. fix their sites (quite problematic if you have a lot of customers)
    2. tell customers to fix their sites (they might, or they might leave)
    3. run outdated/not supported PHP that has more and more known security issues each month.
    4. run HardenedPHP with all the security fixes provided by CloudLinux - and let customers stay on their older version.
    Now, you have to balance costs of #1 & #4. Maybe you can fix all those sites for less then $14/month. I don't know.
    Yet, #2 & #3 are a sure way to increase your churn. It is highly recommended if you don't need customers.

    Now, regarding EOL. Even though php 5.5 is EOL from PHP.net, you still get patched up version of PHP 5.3 with RHEL 6, or PHP 5.4 with RHEL 7 (and I think PHP 5.5 as well).
    That is because RedHat has a bunch of developers who's job is to back port and resolve all the security issues in those 'outdated' versions of PHP. They will regularly release updates for PHP 5.3 & 5.4. The same is done by Ubuntu.
    The same is done by us (CloudLinux) as well. Any time new vulnerability comes out for PHP - we check all the versions from 4.4 up to 7, and patch them. Any time new release of PHP comes up, we analyze all the bugs, figure out those that can be used as security vulnerability, and backport fixes into old versions of PHP.
    Here is an example:
    https://www.cloudlinux.com/cloudlinu...loader-updated

    So, those versions, when they come from CloudLinux, they are not EOL, they are fully supported. Same like if you would get them from RHEL or Ubuntu.
    Igor Seletskiy
    CEO @ Cloud Linux Inc
    http://www.cloudlinux.com
    CloudLinux -- The OS that can make your Shared Hosting stable

  14. #14
    Join Date
    Dec 2011
    Location
    Netherlands
    Posts
    979
    Quote Originally Posted by iseletsk View Post
    Well, let me first explain why Hardened PHP, and why some hosts offer versions 5.1, 5.3 or even 4.4. If your hosting is here for a year or two -- you really don't need it. Yet, once you are established company, with lots of clients, that had been with you for years - you will notice that significant amount of your clients don't upgrade their sites every year.
    They still run using old PHP versions, and upgrading to new one might break their sites. Now, you have few options:
    1. fix their sites (quite problematic if you have a lot of customers)
    2. tell customers to fix their sites (they might, or they might leave)
    3. run outdated/not supported PHP that has more and more known security issues each month.
    4. run HardenedPHP with all the security fixes provided by CloudLinux - and let customers stay on their older version.
    Now, you have to balance costs of #1 & #4. Maybe you can fix all those sites for less then $14/month. I don't know.
    Yet, #2 & #3 are a sure way to increase your churn. It is highly recommended if you don't need customers.

    Now, regarding EOL. Even though php 5.5 is EOL from PHP.net, you still get patched up version of PHP 5.3 with RHEL 6, or PHP 5.4 with RHEL 7 (and I think PHP 5.5 as well).
    That is because RedHat has a bunch of developers who's job is to back port and resolve all the security issues in those 'outdated' versions of PHP. They will regularly release updates for PHP 5.3 & 5.4. The same is done by Ubuntu.
    The same is done by us (CloudLinux) as well. Any time new vulnerability comes out for PHP - we check all the versions from 4.4 up to 7, and patch them. Any time new release of PHP comes up, we analyze all the bugs, figure out those that can be used as security vulnerability, and backport fixes into old versions of PHP.
    Here is an example:
    https://www.cloudlinux.com/cloudlinu...loader-updated

    So, those versions, when they come from CloudLinux, they are not EOL, they are fully supported. Same like if you would get them from RHEL or Ubuntu.
    Hi Igor,

    Quote Originally Posted by iseletsk View Post
    If your hosting is here for a year or two -- you really don't need it.
    Even if it's 10 or 15 years old, you don't have to support PHP 4.4, 5.0, 5.1, or even 5.2 - if you *have* to support that to prevent churn, then maybe the company should focus more on helping customers getting stuff up to date - this doesn't have to be very time consuming. There's plenty of examples of companies with 10, 15, 20, 50, 100k+ customers that have been able to deprecate php versions that are actually EOL (in term of php.net) - without really increasing their churn rate - and without spending a lot of time helping out the customers where sites (might) not work - it requires planning, and communication (long time in advance), and migration will take time - but it's very doable, even for big companies.

    So I disagree - and even for a company existing for 6 years, still not an issue :-)

    Quote Originally Posted by iseletsk View Post
    you will notice that significant amount of your clients don't upgrade their sites every year.
    They don't have to. We've seen php versions that broke a lot of things - sure, and those were a pain (such as 5.3 to 5.4) - but even customers that usually didn't update, still managed to do it, if you inform them why an update is important - and what benefits it gives. That way they usually also understand, also if you have 5 million customers.

    Quote Originally Posted by iseletsk View Post
    Yet, #2 & #3 are a sure way to increase your churn. It is highly recommended if you don't need customers.
    If those ways are a 'sure way' to increase churn, then you're communicating to the customer wrong, or not in a timely manner. I myself worked on a platform with 120k customers, we informed almost 8 months in advance that stuff would be upgraded from 5.2 to 5.6 - and looking back at the general churn rate - it didn't increase.
    But sure if you go tell your customers "We update php tomorrow" then you'll have a bad time.

    Quote Originally Posted by iseletsk View Post
    4. run HardenedPHP with all the security fixes provided by CloudLinux - and let customers stay on their older version
    I like HardenedPHP - we use CloudLinux ourselves, sure we deprecate versions when they actually go EOL, but still we offer multiple versions.
    But even though HardenedPHP solves a lot of problems, it also introduces one major problem - the fact that you can run those versions forever, and then the customer can keep being calm and never do anything, so the whole "Lets deprecate EOL software" becomes harder because you provide software that goes completely against deprecating anything.

    Quote Originally Posted by iseletsk View Post
    Now, regarding EOL. Even though php 5.5 is EOL from PHP.net, you still get patched up version of PHP 5.3 with RHEL 6, or PHP 5.4 with RHEL 7 (and I think PHP 5.5 as well).
    There's also a big difference between 4.4 and 5.3 in my opinion - we're talking 6 years apart between those two versions.

    In the end, getting customers to new php versions require some work, yes - but you can easily prevent them from churning even if you inform that there will be a (forced) upgrade within a time period, it's all about how you handle the whole migration process - if you have good communication skills, and can help customers mitigate a lot of their issues, such as providing information of what will actually break, and how to fix many things - then usually they actually see it positive - that's at least what we experienced in our migration of 120k customers (which surely took some time, but still).

    If finally a customer churn because he was unhappy that he couldn't use his 8 year old PHP version - then he'll be happy somewhere else that still provides old software.

    Communication, communication and communication :-) Then things are not as bad as you think.

    Oh and by the way, I do like a lot of features in CloudLinux, but PHP 4.4, 5.0, etc are not one of them
    Hosting4Real - European (NL/FR) High Performance Web Hosting

  15. #15
    Join Date
    Jun 2001
    Location
    Princeton
    Posts
    1,029
    Actually,y those companies with 100,000 - 10,000,000 etc, customers are the one who requested HardenedPHP from us in the first place. You can disagree, but we have the statistics
    TBH: The more sites they had, the more excited they were.
    Igor Seletskiy
    CEO @ Cloud Linux Inc
    http://www.cloudlinux.com
    CloudLinux -- The OS that can make your Shared Hosting stable

  16. #16
    Join Date
    Dec 2011
    Location
    Netherlands
    Posts
    979
    Quote Originally Posted by iseletsk View Post
    Actually,y those companies with 100,000 - 10,000,000 etc, customers are the one who requested HardenedPHP from us in the first place. You can disagree, but we have the statistics
    TBH: The more sites they had, the more excited they were.
    No need to get statistics - and I see their point, because that scale makes it harder to upgrade - but it's far from impossible to do - and wouldn't surprise me if many of those hosts are owned by EIG today - meaning they lost their soul.

    Also it differs from business to business if they can manage to pull off an upgrade like that - some hosts (even when they're big) are still very technical and want to have latest and greatest - and these companies will have an easy time (let's put things in perspective with others at same size) with migrating even hundred thousand customers.

    But there's businesses, where you sit on a management team, that want everything as cheap as possible, and everything is about milking the customers for their money and provide the worst customer experience ever (yet they still manage to have customers for somewhat reason).

    Those I don't see upgrading, and probably those that love your HardenedPHP the most, because it saves them time on 'maintenance' of your systems.

    So sure, there's big companies that love HardenedPHP, I'm not doubting that at all - the concept of HardenedPHP is great - and I love you guys for building it - but my opinion, you took it too far with php versions - sometimes we just have to 'let go'.

  17. #17
    Join Date
    Apr 2002
    Posts
    1,789
    Just going to chime in with a thought.

    In a shared hosting environment (which is what CloudLinux is geared towards, yes?) most clients use Joomla! or WordPress if they are using a CMS for their website. Most of them do not have any programming background or knowledge. They simply follow the instructions to install Joomla! or WordPress or whatever CMS they are using.

    By perpetuating end-of-life PHP versions, this in turn perpetuates end-of-life Joomla! scripts, which in turn leads to a lot of abuse and account compromises. While HardendPHP or backported PHP end-of-life versions may be secure, the scripts they are propping up are not, and it is the scripts that become the compromise point.

    It's mind boggling at the number of users that still use Joomla! 1.5 and therefore have to have a host that still provies PHP 5.4. Joomla! 1.5 went end-of-life in September 2012. Why is it still being used? (Answer: because the upgrade path is hard, and nobody wants to deal with that)

    I will level with you some what. The limited lifetimes for PHP versions is borderline ridiculous. Is it too much to ask for PHP to release a version of PHP with a 5 or even a 10 year lifetime? I'm not sure at this stage what more there is that really needs changing in the PHP language to warrant such a rapid release schedule.

    Linux distributions do tend to hang on to older PHP versions and versions that have gone end-of-life. I'm not especially fond of this. But, I think a lot of enterprise level companies may have (or at least are more likely to have) their own in-house programmers, that either design their own custom CMS software or are capable of modifying and securing popular open-source CMS projects, like Joomla!, so that using an end-of-life script is not as much of an issue.

    This is not what happens in shared hosting (at least that I am aware of). In a shared hosting environment, Johnny B. Client installs Joomla! and then never, ever, ever bothers to check and see if it needs updating or bother to update it. It is not until their website starts showing deprecated errors that they inquire with their host, who should then tell them that they are using an out-of-date and potentially exploitable script. By constantly allowing Johnny to roll back to older versions of PHP, his website remains working, which certaintly looks nice, but keeps him oblivious to the potential for compromise.

    An easy solution isn't always the best solution.

    I would also suggest that a majority of users that use CMS software, don't really need CMS software. They just need a website with static content. If your intention is to put up a website and then never, ever touch it again, you don't want a script controlling that website, you just want static content. In that situation, the version of PHP being used is moot. Perhaps the web hosting industry isn't doing a good enough job in pointing out that installing Joomla! or WordPress or any CMS is the be-all, end-all of making a website. If you are going to install Joomla! or WordPress or any CMS, you have to be ready and willing to keep that software up-to-date.

    I would also add that CloudLinux doesn't make you include end-of-life PHP versions. So this really boils down to being something that web hosting companies need to address. Perhaps web hosting companies are not aware of the implications of offering end-of-life PHP versions.
    Last edited by SPaReK; 10-01-2016 at 02:54 PM. Reason: added last paragraph

Similar Threads

  1. What do you use your Dedicated Server for?
    By Eagle_ in forum Dedicated Server
    Replies: 28
    Last Post: 06-26-2001, 07:56 AM
  2. operating systems which do you use?
    By cabalstudios in forum Shared Hosting Offers
    Replies: 8
    Last Post: 05-17-2001, 09:56 PM
  3. What S/W Do You Use To Track Resellers?
    By joel in forum Reseller Hosting
    Replies: 0
    Last Post: 03-19-2001, 12:05 PM
  4. What mail server do you use?
    By mpkapadia in forum Hosting Security and Technology
    Replies: 5
    Last Post: 03-13-2001, 02:17 PM
  5. what site tracker do you use?
    By Dave1997 in forum Web Hosting
    Replies: 8
    Last Post: 09-30-2000, 09:56 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •