?

Log in

No account? Create an account
Jan. 27th, 2013 @ 09:11 pm Webhosting weirdness
Current Mood: disappointeddisappointed
I administer quite a few sites, five in total. Four of those are hosted by the same webhoster (where I also had my dad host his personal domain). They offer PLESK as their administrative interface, along with Installatron to deploy popular server-side applications on your domain -- my preferred method to install Wordpress, for instance.
I had thought that I would enjoy doing a campaign blog for my Streamdales campaign, so I sought to install Wordpress on my own personal play-around site, using Installatron. Imagine my surprise when I got the message that the version of PHP was too old for the newest version. So I quickly threw together a page that dumped the output of phpinfo(), and found out that the build date of PHP on that machine was somewhere in 2007.

I would think that in the past five years, there have been quite a few critical bugs fixed. I try to keep the Wordpress installations on my site up-to-date; I don't find the idea of my site being used to spread malware or spam very attractive. But if the supporting software is so old, that is basically undermined by my hoster. I'm quite dissapointed and sent their helpdesk a mail to ask after their upgrade policy.

Depending on their answer (and actions) I might have to move my sites over to another hoster.
About this Entry
WTF!?
[User Picture Icon]
From:merle_
Date:January 27th, 2013 10:34 pm (UTC)
(Permanent Link)
On the other hand, abuses used against the PHP of 2007 went out of style in 2008. After 2001 viruses simply could not effect my Win95 box because they tried to attack things that did not exist. That box exists as my "I can plug this into the network and it is completely safe" machine.

As a developer of course I would want to have the latest and greatest, and PHP certainly has more features now than then. Difference of purpose.
(Reply) (Thread)
[User Picture Icon]
From:fub
Date:January 28th, 2013 10:24 am (UTC)
(Permanent Link)
I think that these days, most of the hacking is done by automatic exploit tools that can be bought on a black market. If I were the programmer of such a tool, I'd make sure to include quite a few 'old' vulnerabilities -- unpatched systems are the low-hanging fruit of hackers.
(Reply) (Parent) (Thread)
[User Picture Icon]
From:merle_
Date:January 28th, 2013 03:56 pm (UTC)
(Permanent Link)
Yes -- you or I would. But most attacks are by script kiddies who just grab the latest 'sploit and stick to the cutting edge, who just want into whatever systems they can. A targetted attack is much harder to deal with (in theory impossible).
(Reply) (Parent) (Thread)