H
Hak Foo
Guest
So I have a client (they're too big to ignore) who's screaming:
"Our merchant account requires our site to be audited and pass all the audit details".
Now, some of this stuff is reasonable to fix, like "lock MySQL so it can't be accessed from outside", and "lock BIND from doing recursive DNS queries".
The problem is that about two thirds of the "fail grade" complaints are
"Server on port 8880 uses a version of PHP < 5.2.4"
and
"Server on port 8443 uses a version of PHP < 5.2.4"
I can upgrade the main stuff to 5.2.4 (which forced a MySQL update, then having to change Plesk from 8.0.0 to 8.1.1) but I can't see a way to fix Plesk's PHP. I tried linking the "real" PHP (5.2.4) to sit where the Plesk PHP (5.0.5) was, and it didn't help.
And honestly, I'm unsure if replacing the 5.0.5 Plesk expects with 5.2.4 would be a good thing.
Is there any alternative? I could maybe even see configuring the mini-Apache used for the control panel to not show a version string.
Please don't tell me to upgrade to Plesk 8.2. I went to 8.1 because I figured it would minimize disruption, being the smallest step that would support MySQL 5 (nobody mentioned Plesk 8.0 hated MySQL 5 until AFTER I upgraded that), and it still took almost all day to restore order (qmail-local was broken by the upgrade, and some of the mail account rebuilding went poorly).
"Our merchant account requires our site to be audited and pass all the audit details".
Now, some of this stuff is reasonable to fix, like "lock MySQL so it can't be accessed from outside", and "lock BIND from doing recursive DNS queries".
The problem is that about two thirds of the "fail grade" complaints are
"Server on port 8880 uses a version of PHP < 5.2.4"
and
"Server on port 8443 uses a version of PHP < 5.2.4"
I can upgrade the main stuff to 5.2.4 (which forced a MySQL update, then having to change Plesk from 8.0.0 to 8.1.1) but I can't see a way to fix Plesk's PHP. I tried linking the "real" PHP (5.2.4) to sit where the Plesk PHP (5.0.5) was, and it didn't help.
And honestly, I'm unsure if replacing the 5.0.5 Plesk expects with 5.2.4 would be a good thing.
Is there any alternative? I could maybe even see configuring the mini-Apache used for the control panel to not show a version string.
Please don't tell me to upgrade to Plesk 8.2. I went to 8.1 because I figured it would minimize disruption, being the smallest step that would support MySQL 5 (nobody mentioned Plesk 8.0 hated MySQL 5 until AFTER I upgraded that), and it still took almost all day to restore order (qmail-local was broken by the upgrade, and some of the mail account rebuilding went poorly).