Richard G
Verified User
I give them 6 months up to 1 year max after EOL date to fix their php stuff.
As for the shell scripts, yes I know, which is why I always secured the /tmp directory, which I still do by the way.
Allow up to 9 different PHP versions - 1.667
- Thread starter akadi81
- Start date
As for the shell scripts, yes I know, which is why I always secured the /tmp directory, which I still do by the way.
mhsolutions
Verified User
Yes. I use DA legacy license with Cloudlinux. If have cloudlinux, i don't need propack
Richard G
Verified User
Most of us don't.
But well... it will get problematic in the near future anyway with legacy licenses not supporting newer OS verions, next to the not supported newer database versions.
Wordpress if far ahead of others in PHP support event it is the most insecure one.. that causes the most issues...
I use cPGuard and Scan for outdated CMS ans send weekly warnings to customers that do not updated
I was wanting to change my TOS and enable that new feature but others at WHT stopped me saying that we need to educate customers not to break their sites so now it is email notification only
This is how extreme I'm ready to go with updates ...
and the wordpress is over 90% majority what we host BUT We need old versions for compatibility mainly - if a dev take new client and decide to host it with us they move it / move a copy - and start reworking the site on our hosting (they move to us because speed is great 5950, 7950 EPYC 4004 vs 2680v4 from where they are moving ) So we need old versions during conversion process ...
If I keep 2 PHP versions for compatibility and reworking (7.4 and 5.6) I cut that server from newer versions with only 4 available
Also devs on my servers reworks Open Cart Scripts (cPguard scan them and classified them as outdated - Safe) but they still require exotics like 7.1 so If only 4 versions are allowed i can offer only one new on the server where devs are working
SO I need more than 4 versions available at least for couple of months until the server is declared full
and before someone say use Cloud Linux - I believe the age of RedHat aka Prominent North American Linux Vendor (for those which remember) Clones for shared hosting is ending ... The original of which sources CL / Alma / Rocky build of and made to be 100% binary compatible It is not make their linux for our market... their current situation if perfect for their customers but not fit for cloud and hardware support is limited in the second 5 years of the OS lifetime , upgrade possibilities of the os are by third party and this product cycle skip us (DA and Plesc customers are adviced to move to 8 server not to run elevate...)- and can make long explanation if someone is interested
Debian and Ubuntu with their easy 10-15 minutes next version update - are way more fit for the cloud and for longevity and for change of virtualized hardware every couple of years...
Also that save me of the RH Clones death cycle - a lot of good small providers is selling their business around EOL of RH versions because work for migration is too much for them
I use cPGuard and Scan for outdated CMS ans send weekly warnings to customers that do not updated
I was wanting to change my TOS and enable that new feature but others at WHT stopped me saying that we need to educate customers not to break their sites so now it is email notification only
This is how extreme I'm ready to go with updates ...
and the wordpress is over 90% majority what we host BUT We need old versions for compatibility mainly - if a dev take new client and decide to host it with us they move it / move a copy - and start reworking the site on our hosting (they move to us because speed is great 5950, 7950 EPYC 4004 vs 2680v4 from where they are moving ) So we need old versions during conversion process ...
If I keep 2 PHP versions for compatibility and reworking (7.4 and 5.6) I cut that server from newer versions with only 4 available
Also devs on my servers reworks Open Cart Scripts (cPguard scan them and classified them as outdated - Safe) but they still require exotics like 7.1 so If only 4 versions are allowed i can offer only one new on the server where devs are working
SO I need more than 4 versions available at least for couple of months until the server is declared full
and before someone say use Cloud Linux - I believe the age of RedHat aka Prominent North American Linux Vendor (for those which remember) Clones for shared hosting is ending ... The original of which sources CL / Alma / Rocky build of and made to be 100% binary compatible It is not make their linux for our market... their current situation if perfect for their customers but not fit for cloud and hardware support is limited in the second 5 years of the OS lifetime , upgrade possibilities of the os are by third party and this product cycle skip us (DA and Plesc customers are adviced to move to 8 server not to run elevate...)- and can make long explanation if someone is interested
Debian and Ubuntu with their easy 10-15 minutes next version update - are way more fit for the cloud and for longevity and for change of virtualized hardware every couple of years...
Also that save me of the RH Clones death cycle - a lot of good small providers is selling their business around EOL of RH versions because work for migration is too much for them
Last edited:
OpenCart is one the scary ones.
They seemingly don't provide an upgrade path from one version to another. And seem to encourage users to stay on antiquated versions.
Why on earth would anyone run an e-commerce site with such a script.
If you're storing any customer data in the script's database and the website gets compromised due to a security hole in an antiquated version, then all of that customer data is free for the taking.
Are OpenCart website owners just not aware of this or do they just not care?
Perhaps all of this discussion can boil down to:
"I'm sorry if it wasn't explained to you from the start, but if you plan to use any script on your website. Then you have to keep it up-to-date. You can't just install a script and then never maintain it or worry with it's security and updates. The Internet just doesn't work that way."
They seemingly don't provide an upgrade path from one version to another. And seem to encourage users to stay on antiquated versions.
Why on earth would anyone run an e-commerce site with such a script.
If you're storing any customer data in the script's database and the website gets compromised due to a security hole in an antiquated version, then all of that customer data is free for the taking.
Are OpenCart website owners just not aware of this or do they just not care?
Perhaps all of this discussion can boil down to:
"I'm sorry if it wasn't explained to you from the start, but if you plan to use any script on your website. Then you have to keep it up-to-date. You can't just install a script and then never maintain it or worry with it's security and updates. The Internet just doesn't work that way."
LawsHosting
Verified User
Sad to say, during my time as a host, the average end-user doesn't know how websites work - hence using pre-made scripts - let alone keep updating the damn thing...... People just want their website to work for years........
I know Wordstress prompts you when it needs updating when you log in.... Even Installatron et al can update..... Still.....
Open Cart has official partner hosting (visible on their download page and think more pages) which is not me bu the super big company A2 they are the one to warn... I'm dev friendly hosting where upgrades happens ... I'm lucky to have couple of devs that choose to move their clients they find to me and that is what I said... and they prefer me due to faster enviorment that allows that makes their work easy...
My Exact words:
I know that - because once - they moved a client and required version 7.1 to work with temporary - because 5.6 is old but 7.4 is too new sites to work without error - and start building new site to which they will manually convert the db / import pictures etc require real dev work not clicking on upgrade buttons...
but said so 4 PHP versions only create issue for me on the Ubuntu and Debian servers as it I want to keep open for wp devs to rework... that artificial limit on the version actually stops me from providing new versions if I want to keep server dev friendly and curremt feature is perfect for my user case
P.S. I send warnings - all outdated scripts got one that is how cPGuard feature work send them Outdated warnings which classified it as medium issue - it just not send CVEs as there currently none .. WPs usually got outdated + list of CVEs
P.S.S I'm more willing to chat why I think the RH Clone is not that fit for shared hosting anymore in our current age
Last edited:
Richard G
Verified User
I woulnd't like a discussion about that, but I'm curious to read what you think the reason is. Because imho they are very well fit for shared hosting, but they don't make money out of it and I think most likely they want to start making money or need to make money for some reason.P.S.S I'm more willing to chat why I think the RH Clone is not that fit for shared hosting anymore in our current age
I am big fan of RHEL. CentOS 6 or 7 were rock stable, supported for a very long time and you can still buy cheap Tuxcare ELS to have upgrades in both systems.
And for legacy license users, RHEL is really the only choice now. Debian 12 LTS has EOL in June 2028 and that's it, no Debian 13 for legacy DA.
However Alma/Rocky 9 has security support until June 2032 and the prospect of cheap ($50-60) ELS for the next 3-4 years.
And for legacy license users, RHEL is really the only choice now. Debian 12 LTS has EOL in June 2028 and that's it, no Debian 13 for legacy DA.
However Alma/Rocky 9 has security support until June 2032 and the prospect of cheap ($50-60) ELS for the next 3-4 years.
In about hour time I will sit and write long new thread with my opinion about that ...
You can get + 5 years free ELTS for Debian from https://www.freexian.com/lts/extended/ it is payed by the big players and Oxford University - they only ask if you have a lot of servers to create a local mirror not to push downloads from their
Ubuntu gives 5 ubuntu pro licenses with every Ubuntu account (I have ubuntu one from 10 years ago in which appeared but new one also go it) that will gave support to 2032 of all components of ubuntu 22 - by all I mean I notice they patched midnight commander on ubuntu 20 ... EULA mentioned - that you can use those licenses in your business - so very generous of them - Ubuntu also mentioned it gives 50 ubuntu pro if you are active / contributing but I did not research how or what is required to get 50 one ...
I will invite you by mentioning you in the new thread
Last edited:
I would like to read too. I have some Debian servers, but just for testing. For my shared hosting customers, Cloud Linux OS with its features is useful. For VPS and dedicated server customers, either Cloud Linux or Almalinux (because we are more familiar with Redhat linea than Debian / Ubuntu). But we are considering Enhance for the next move and it's running on Ubuntu, so it is good to learn from other experiencesP.S.S I'm more willing to chat why I think the RH Clone is not that fit for shared hosting anymore in our current age
Thank you.
Pacific Spirit
Verified User
We will support PHP 5.6 until the first half of 2025 (June 1, 2025). PHP 7.3 & 7.4 will remain available until January 31, 2026. PHP 8.2 will be replaced by PHP 8.4 at the end of 2026. After these dates we will not remove it from our list, but when 8.4 will released then wil php 5.6 removed from the list. This dates are the support from our side, after those dates we do not support those versions anymore but the users are still able to use but we only not provide support for the apps that causing problems. So users choice