lsphp security patches

Discussion in 'General OpenLiteSpeed Discussion' started by silentneedle, Mar 1, 2017.

  1. silentneedle

    silentneedle New Member

    Is it still safe to use lsphp 5.4 from the OpenLitespeed and/or Remi repository? Or are no security patches applied anymore?
     
  2. lsfoo

    lsfoo Administrator

    Hi @silentneedle

    The lsphp repositories are updated when the PHP repositories are updated. PHP set 5.4 to be EOL around September 2015, so that was the last time we updated the repositories with security fixes.

    Kevin
     
    silentneedle likes this.
  3. silentneedle

    silentneedle New Member

    Oh I see, I'm using Centos (which is still on 5.4 on default) that's why I'm asking. Could I use OpenLitespeed with php (not lsphp)?

    Is php-openlitespeed from the remi repo also unpatched when using 5.4?
     
  4. lsfoo

    lsfoo Administrator

    We're not sure if remi has backported security fixes with 5.4. OLS will work with other PHP sapi, but they won't have the same performance or security (it's going to be a cost of one or the other).

    If you are not limited to 5.4 (meaning the PHP code you have doesn't require 5.4), you can yum install one of our more recent lsphp packages and set up OLS to use that. That way, you can keep up to date with all the latest features and security patches (7.0+ is a big improvement over 5.x).

    We can always help you with this process if you're willing to make the change and run into any issues!

    Kevin
     
  5. silentneedle

    silentneedle New Member

    Unfortunately the current php code is not php >5.4 ready. When using OLS without lsphp, I just need to add a external fastcgi app which points to php-fpm, right?
     
  6. Pong

    Pong New Member

    1. Which repo does the PHP (php-fpm) you mentioned come from? Does it have some more patch than remi? Normally remi has already in the leading position for PHP.
    2. LSAPI is the LiteSpeed way to communicate with php, which is also faster than other apache ways. You can compile PHP yourself with patch you need.
     
  7. silentneedle

    silentneedle New Member

Share This Page