• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

Php 5.2.8

J

jamescrown

Guest
Hello,

There is a recent vulnerability in PHP 5.2.6

The available build of plesk 9.0 081208.18 is currently installing PHP 5.2.6 to %plesk_bin% and %plesk_dir%\additional\pleskphp5

Can you please release a new build of Plesk 9.0 which uses PHP 5.2.8 ?

Thank you.
 
I think you can just intall the new version into that directory and it should work fine, the same apply to php4
 
That works for %plesk_dir%\additional\pleskphp5 only. So yes, the PHP version clients use can be upgraded however the version that plesk control panel uses cannot as it will cause errors. Currently this is causing sites hosted on Plesk servers to fail PCI compliance unless you prevent the scanner access to port 8880 and 8443.
 
you will have to replace the php.ini file that plesk is using. Plesk is using the php.ini file under admin folder
do not forget to copy some settings from the old php.ini
 
Hello,

Do you currently have PHP 5.2.8 working from %plesk_bin%? Please only respond to this post if you know how to get PHP 5.2.8 working from %plesk_bin%.
 
jamescrown said:
Hello,

There is a recent vulnerability in PHP 5.2.6

The available build of plesk 9.0 081208.18 is currently installing PHP 5.2.6 to %plesk_bin% and %plesk_dir%\additional\pleskphp5

Can you please release a new build of Plesk 9.0 which uses PHP 5.2.8 ?

Thank you.
Click to expand...

It will pass 50 years before parallels will be able to release abything like that.
They are not able to fix bugs that were present in plesk 8.6 and are still present in plesk 9.
I can tell you that they are probably amazed that php works with theire product.
They are just lame so dont't expect anything except more bugs.
 
How to "get around" PCI Compliance

The default installation for Plesk php exposes the php header information by adding it's signature to the web server header. That is how the PCI Compliance companies "see" what version you are using. You can turn this off with (so far) no ill effects by going to php.ini in %plesk_dir%/admin and changing:

expose_php = On

to

expose_php = Off
 
You must log in or register to reply here.

Similar threads

P
Question PHP 7.1 for old Magento 1.x site
Replies
11
Views
607
pvdv
P
P
Resolved memcached PHP extension for PHP support instruction error
Replies
13
Views
964
Peter Debik
P
A
Resolved Git Deployment Action Error: /opt/plesk/php/8.0/bin/php: No such file or directory
Replies
2
Views
2K
alexschomb
A
E
Resolved PHP 7.4 on Almalinux 9
Replies
2
Views
1K
Erwan
E
QWeb Ric
Question Rocky 9 support
Replies
5
Views
235
QWeb Ric
QWeb Ric
Back
Top