0

I have an old server that is running a webshop in production. It is running CentOS / Apache 2.2.15 and PHP 5.3 (Build 22 Mar 2017). Are there any security risks associated with this setup? I have heard that CentOS is quite secure and ships backports to patch newly found issues, even till today.

Best Greetings, Jim

punch jvc
  • 1

1 Answers1

1

The version numbers mentioned in the question seem to suggest that you are referring to Centos 6.

Centos 6 is EOL since November 30th, 2020, so the backported fixes that you refer to are now purely theoretical.

It is however correct that, while still supported, the distribution was delivering security updates to their packaged version rather than new versions.

Håkan Lindqvist
  • 33,741
  • 5
  • 65
  • 90
  • Thank you very much for your reply. Does that mean that there is an exploit currently? – punch jvc Jan 19 '21 at 19:27
  • @punchjvc The entire operating system is EOL, meaning that if a vulnerability is found in the packaged apache httpd or any other component for that matter, no one is working to deliver any updates. I do not know whether there is a relevant vulnerability being exploited at this time, but you should upgrade regardless. – Håkan Lindqvist Jan 19 '21 at 21:23