[Feature Request] LS admin back-end with PHP5 by default

#1
Good day,

So far, the PHP announced the end of branch four life and some PCI compliance tests how showing security issue at the port with LiteSpeed, saying that it's better to upgrade PHP up to branch 5.

So, I wanted to know, if LiteSpeed Tech are going to switch LiteSpeed Admin's back-end to PHP 5 or should we resolve the issue by ourselves. As far as I understand the issue has a different solution:

- set expose_php to off in LS install dir admin/conf/php.ini
but what if LiteSpeed upgrade will rewrite the file?
- install PHP 5 with LiteSpeed manually
LiteSpeed upgrade can rewrite this again...?
- Close admin's back-end in firewall and open it to trusted IPs only
but what if we have dynamical IP with wide range or using different locations?

Is there a better solution
and
are you going to switch LS admin's back-end to PHP 5 by default?
 

mistwang

LiteSpeed Staff
#2
We will migrate the PHP engine to PHP5 for the web admin interface sometime in the future.

3.3.20 should make those security scanner quiet as it on longer expose the PHP version.
 
Top