PHP is a risk no matter what version you upgrade to and installing the latest, greatest build of PHP is almost guaranteed to break at least one of your apps.
As usual, this type of vulnerability can be protected against without constant upgrading by simply managing your PHP configuration and responsible administration / monitoring of your servers.
Suhosin, responsible PHP settings, active protection (mod_security) and a decent malware / exploit scanner will serve you much better than trying to keep up with the patches. For every published exploit there are at least a dozen others out there at any given time.