> On Jan 10, 2021, at 02:10, Rene Veerman <rene.veerman.netherla...@gmail.com> > wrote: > > hi. > > i run a website which i want to harden against hacking by 3rd parties. > > i wrote this website back in 2002-2010, and then built apps on top of the > base code. > > now i want to upgrade the entire thing to the latest css3 standards and > also include anti-hacking measures, because at one point i got kicked off > the internet by my ISP because they detected the thing had indeed been > hacked, and someone installed phishing software on my site. > > i want to employ cron jobs that run regularly, to do checksum testing of > vital parts of my operating system. > > ideally, i could have a script run indefinitely or every 2 seconds, as > root, from cron, to test for changes to my filesystem (well, the part that > is governed by Directory section in > /etc/apache2/sites-enabled/001-localhost.conf) and vital OS config files. > but i do wonder if this is going to wear out the SSD where the OS and > webserver files are stored on. > and i wonder if i should be writing this script as some sort of shell > script (bash? /bin/sh? i dunno (i run ubuntu 20.04)), or if i could be > using the convenient php for it. > > and i would like to know if as far as exploits go, it's better to stay > (currently) on php7.4, or move my entire setup to php8. > > thanks for your attention and any help you might provide me. :)
For the most recent security fixes, always run the latest version of a currently supported version of PHP: https://www.php.net/supported-versions.php Currently supported versions are 7.3, 7.4, and 8.0, so you should run either 7.3.26, 7.4.14, or 8.0.1. Many Linux distributions back-port security fixes to earlier versions of PHP, so if you’ve installed PHP using a package manager, check with the maintainers to ensure your PHP version has the latest security updates. Cheers, Ben
signature.asc
Description: Message signed with OpenPGP
