Behind the Scenes: Shellshock & PHP 5.4

Here’s another quick update on what’s been going on here behind the scenes at Dathorn. As you may have heard, critical bugs were discovered in the popular Linux shell, bash. This event, dubbed “Shellshock”, started to publicly unfold about two weeks ago.

shellshock-bugThe details of these vulnerabilities can be a bit difficult to follow given the number of different patches that were posted. It even required a few quick, consecutive updates from some Linux distributions just to get it right. It seemed like each time a new patch was released someone else was able to poke holes in it, finding new methods to exploit and turning bash into a bit of swiss cheese.

I was pleasantly surprised by the number of clients that reached out to us inquiring as to whether or not we had applied any patches or what steps we had taken to protect our servers. As always, we had the situation well under control and were monitoring updates very closely. Initially we ended up deploying some firewall and mod_security rules to help while official patches were being worked on. LiteSpeed released an update to address any possible exploitation via HTTP and we applied all bash patches as soon as they were available. At this point most related activity has quieted down, with Red Hat even having released an updated “at” package to fix issues created by their bash updates. We’ll continue to monitor all of our security resources closely to make sure we¬† stay on top of issues like this!

PHP

As initially announced back in August, today we completed migrating all of our servers to PHP 5.4. Previously we had been running PHP 5.3 as the default with 5.4, 5.5, and 5.6 as other available options. This has now changed to PHP 5.4 being the default due to PHP 5.3 reaching its end of life. PHP 5.3 will remain as a secondary option for an undetermined period of time while a very small number of users continue to work out some compatibility issues. We’ll be making another announcement once we’ve decided on a date for the removal of PHP 5.3. If you believe you’ve been impacted by this or just want to read further details please see the related forum thread here.

Leave a Reply