Submit Your Article Forum Rules

Results 1 to 3 of 3

Thread: PHP4 vulnerable to Hackers after 8/8/08?

  1. #1
    Junior Member
    Join Date
    Jan 2007
    Posts
    27

    Unhappy PHP4 vulnerable to Hackers after 8/8/08?

    I have two older ecommerce sites. They are built aroud PHP4. I have been told somewhat vaguely that after 8/8/08 these sites will be totaly open and vulnerable to hackers and visuses with no offical patches released to fix any of those issues. Does anyone out there know if this is true and if so know what my recourse would be?
    Thanks,
    Muskie

  2. #2
    Junior Member
    Join Date
    Aug 2003
    Location
    TX
    Posts
    3

    Re: PHP4 vulnerable to Hackers after 8/8/08?

    I suspect your information is based on this accouncement from php's website:

    The PHP development team would like to announce the immediate availability of PHP 4.4.8. It continues to improve the security and the stability of the 4.4 branch and all users are strongly encouraged to upgrade to it as soon as possible. This release wraps up all the outstanding patches for the PHP 4.4 series, and is therefore the last normal PHP 4.4 release. If necessary, releases to address security issues could be made until 2008-08-08.

    This references the official "end of life" of php4, which is 8 August 2008. After that time, there will be no more security fixes made. Since php5 has been out now almost four years, this is understandable.

    While your sites will not be "totally open and vulnerable" at that time - if any new hacks are found, they won't be officially fixed.

    If your ecommerce sites generate income, it would probably be in your best interest to upgrade to php5 compatible software.

  3. #3
    Senior Member
    Join Date
    Jan 2008
    Posts
    304

    Re: PHP4 vulnerable to Hackers after 8/8/08?

    Quote Originally Posted by muskie View Post
    I have two older ecommerce sites. They are built aroud PHP4. I have been told somewhat vaguely that after 8/8/08 these sites will be totaly open and vulnerable to hackers and visuses with no offical patches released to fix any of those issues. Does anyone out there know if this is true and if so know what my recourse would be?
    Thanks,
    Muskie
    Nothing particularly special about 8/8/08 unless you purchased a lot of stock in companies selling Y2K fixes. Support for PHP 4 was discontinued December 31, 2007. Older versions of PHP have more security risks and fewer features than new versions. You should consider updating to PHP 5.2+ and prepare for version 6+.

    If you are running your sites on PHP4 you should consider running some tests of your sites using your current version of PHP and the newer version as some code may be deprecated and/or require adjustments to your php.ini file at minimum.

    If you are running an older version of MySQL you might consider testing your sites with a more recent version.

    Good luck.

    Good luck.
    I use Hidden Content as added security for my networks and servers.

Similar Threads

  1. Installing both PHP4 & PHP 5 on Apache
    By chandrika in forum General Tech Help
    Replies: 9
    Last Post: 03-19-2010, 10:23 AM
  2. updated server to plesk 8.01 with php5 (from php4) site down
    By Orion in forum Web Programming Discussion Forum
    Replies: 3
    Last Post: 09-19-2006, 02:33 PM
  3. Vulnerable versions of phpBB
    By WPW_Feedbot in forum IT Discussion Forum
    Replies: 0
    Last Post: 12-21-2004, 01:01 PM
  4. Bug in PHP4.3.4 (win32)?
    By pedstersplanet in forum IT Discussion Forum
    Replies: 3
    Last Post: 11-05-2004, 05:00 AM
  5. Linux servers vulnerable too
    By minstrel in forum IT Discussion Forum
    Replies: 0
    Last Post: 12-04-2003, 11:52 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •