In Linux and Networking Last updated:
Share on:
Cloudways offers managed cloud hosting for any size business to host a website or complex web applications.

Lately, I moved Geekflare from Shared Hosting to DigitalOcean on CentOS 6.6, and it was all ok till I received a “High-risk vulnerabilities” alert.

high-risk-phpfpm

In CentOS 6.x when you install PHP-fpm, you will get 5.3 by default, which is considered high risk as an unsupported version.

unsupported-php

If you are still running 5.3 PHP-FPM, you must consider upgrading to the latest version 5.6. Here is how I did and you can too.

As a best practice, you must take a backup of the entire PHP and if possible perform this upgrade in non-production first to ensure no side effects on the application due to a higher version.

PHP-FPM 5.6 Installation/Upgrade Procedure

  • Login into CentOS with root
  • Execute following commands
# rpm -Uvh https://mirror.webtatic.com/yum/el6/latest.rpm
# rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm
# cd /etc/yum.repos.d
# curl -O http://rpms.famillecollet.com/enterprise/remi.repo
# yum install php-fpm php php-devel -y --enablerepo=remi-php56

If you need to install additional PHP-Modules like mbstring, mcrypt, soap,apc then you can use the following.

# yum install php-mbstring php-mcrypt php-soap php-apc -y --enablerepo=remi-php56
# yum install gd-last --enablerepo=remi
# yum groupinstall "PHP Support" --enablerepo=remi-php56 –y

By doing the above, you will have PHP-FPM latest version 5.6 installed.

Verify PHP-FPM version

[root@Chandan yum.repos.d]# /usr/sbin/php-fpm -version
PHP 5.6.12 (fpm-fcgi) (built: Aug 6 2015 17:15:15)
Copyright (c) 1997-2015 The PHP Group
Zend Engine v2.6.0, Copyright (c) 1998-2015 Zend Technologies
[root@Chandan yum.repos.d]#

So as you can see, now I have supported PHP version, which is secure and safe.

Once you have a PHP upgraded version, you can also check your website for security vulnerabilities from these tools.

If you are using WordPress then you can check this article where I explained how to update the WordPress PHP version on multiple platforms.

Share on:
  • Chandan Kumar
    Author
    Chandan Kumar is a seasoned technology enthusiast and entrepreneur passionate about empowering businesses and individuals globally. As the founder of Geekflare, a leading technology publication, Chandan has spearheaded the development…

Thanks to our Sponsors

More great readings on Linux

Power Your Business

Some of the tools and services to help your business grow.
  • The text-to-speech tool that uses AI to generate realistic human-like voices.

    Try Murf AI
  • Web scraping, residential proxy, proxy manager, web unlocker, search engine crawler, and all you need to collect web data.

    Try Brightdata
  • Monday.com is an all-in-one work OS to help you manage projects, tasks, work, sales, CRM, operations, workflows, and more.

    Try Monday
  • Intruder is an online vulnerability scanner that finds cyber security weaknesses in your infrastructure, to avoid costly data breaches.

    Try Intruder