Shared operating system (OS) developer CloudLinux has announced the availability of HardenedPHP, an exclusive feature of CloudLinux OS that helps hosting providers secure old and unsupported versions of PHP.
In those old versions, including widely used 5.2, 5.3, and, as of September 15th, 2015 also 5.4, vulnerabilities, even if discovered, are not patched by the PHP.net community. CloudLinux OS HardenedPHP patches all PHP versions against known vulnerabilities.
PHP is universal and represents more than 80% of all server side scripts. About 85% of all PHP sites would use highly popular PHP versions – 5.2, 5.3, and 5.4. Because of this wide application usage, PHP is consistently exploited by hackers.
Over 100 vulnerabilities, of which many were critical, have been discovered for the unsupported versions of PHP and all have now been patched by CloudLinux.
“Web developers write their scripts to accommodate for a particular PHP version, and unfortunately, just because a version becomes obsolete, companies are not able to update and change programs to accommodate for newer versions”, said Igor Seletskiy, Founder and CEO at CloudLinux. “Since retired PHP versions are no longer supported by the community to prevent against security issues, CloudLinux OS now includes HardenedPHP, which patches old PHP versions so that hosting companies do not have to force their users to re-write scripts written for an older PHP version, risk breaking their sites, or leave servers and sites unsupported and vulnerable.”
HardenedPHP is working alongside CloudLinux OS PHP Selector feature, and allows hosting providers to offer various packaged PHP versions on a single shared Web server.