2

I just took over the server admin duties for a CENTOS box (6.5-FINAL), and I need some direction, as I don't come from the LAMP side.

The box is running:

  • L: CentOS 6.5 FINAL
  • A: 2.2.15 (Centos)
  • M: 5.5.36
  • P: 5.4.26
  • phpMyAdmin: 3.44

Now, I know the latest version for Centos is 7, for MySQL is 5.7.x, for PHP is 7.0.x and phpMyAdmin is 4.3.

The advice I am looking for (or pointers to resources I should be studying) is:

  • Which are crucial to update?
  • Which order should I do it in?
  • What issues might I encounter in the upgrade?
  • Any advice is greatly appreciated.

Thanks.

Red Knight 11
  • 33
  • 1
  • 4

2 Answers2

3

I would say:

  • Update CentOS if you need it (according to their site, the EOL is November 30, 2020) check here
  • Apache tends to have security updates so maybe is a good idea to update if and when possible
  • PHP is not backward compatible in lots of cases, do not update but only if the last number changes unless you know what you are doing!
  • Same for MySQL

This is MY OPINION, is not a conclusive answer. If you happen to have the resources, I would recommend to install a server with all the new software, and test the sites hosted there to see if everything works as expected.

If you update any of the productive tools you are using, ensure you can rollback!

ignivs
  • 459
  • 5
  • 11
0

I agree with a lot of what ignvis says, but I think the key factor is whether or not this server is internet-facing. If it is, you should heavily favor upgrading most of the software to the latest bug/security fix release.

You can usually update Apache to the latest 2.2.x release without issue. I would not want to upgrade PHP beyond the first two release digits, e.g. 5.4.x, but it seems that 5.4 is no longer supported, which is a big worry. I'd do some testing if possible to see if your site's PHP files work on a similar server with a newer PHP version.

phpMyAdmin is a buggy insecure nightmare, so I'd update that to the most recent version possible. You should also likely upgrade OpenSSL, as there are too many vulnerabilities in the last couple of years to list. Don't upgrade MySQL beyond the first two release digits, without extensive testing.

And really, you should test every upgrade, regardless of how important the security implications are, just to know what issues you might encounter. Can you setup a development or sandbox version of this server to test upgrades on? Even a VM on your laptop should suffice.

zymhan
  • 1,371
  • 1
  • 17
  • 30