Geekflare is supported by our audience. We may earn affiliate commissions from buying links on this site.
Share on:

How to install/upgrade PHP-FPM 5.6 on CentOS 6.x?

php
Invicti Web Application Security Scanner – the only solution that delivers automatic verification of vulnerabilities with Proof-Based Scanning™.

Lately, I moved Geekflare from Shared Hosting to DigitalOcean on CentOS 6.6, and it was all ok till I received a “High-risk vulnerabilities” alert.

high-risk-phpfpm

In CentOS 6.x when you install PHP-fpm, you will get 5.3 by default, which is considered high risk as an unsupported version.

unsupported-php

If you are still running 5.3 PHP-FPM, you must consider upgrading to the latest version 5.6. Here is how I did and you can too.

As a best practice, you must take a backup of the entire PHP and if possible perform this upgrade in non-production first to ensure no side effects on the application due to a higher version.

PHP-FPM 5.6 Installation/Upgrade Procedure

  • Login into CentOS with root
  • Execute following commands
# rpm -Uvh https://mirror.webtatic.com/yum/el6/latest.rpm
# rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm
# cd /etc/yum.repos.d
# curl -O http://rpms.famillecollet.com/enterprise/remi.repo
# yum install php-fpm php php-devel -y --enablerepo=remi-php56

If you need to install additional PHP-Modules like mbstring, mcrypt, soap,apc then you can use the following.

# yum install php-mbstring php-mcrypt php-soap php-apc -y --enablerepo=remi-php56
# yum install gd-last --enablerepo=remi
# yum groupinstall "PHP Support" --enablerepo=remi-php56 –y

By doing the above, you will have PHP-FPM latest version 5.6 installed.

Verify PHP-FPM version

[root@Chandan yum.repos.d]# /usr/sbin/php-fpm -version
PHP 5.6.12 (fpm-fcgi) (built: Aug 6 2015 17:15:15)
Copyright (c) 1997-2015 The PHP Group
Zend Engine v2.6.0, Copyright (c) 1998-2015 Zend Technologies
[root@Chandan yum.repos.d]#

So as you can see, now I have supported PHP version, which is secure and safe.

Once you have a PHP upgraded version, you can also check your website for security vulnerabilities from these tools.

If you are using WordPress then you can check this article where I explained how to update the WordPress PHP version on multiple platforms.

Thanks to our Sponsors
More great readings on Linux
Power Your Business
Some of the tools and services to help your business grow.
  • Invicti uses the Proof-Based Scanning™ to automatically verify the identified vulnerabilities and generate actionable results within just hours.
    Try Invicti
  • Web scraping, residential proxy, proxy manager, web unlocker, search engine crawler, and all you need to collect web data.
    Try Brightdata
  • Semrush is an all-in-one digital marketing solution with more than 50 tools in SEO, social media, and content marketing.
    Try Semrush
  • Intruder is an online vulnerability scanner that finds cyber security weaknesses in your infrastructure, to avoid costly data breaches.
    Try Intruder