Php 7 has been released and your production environment needs to be upgraded. Apache 2.4 came out 10 years ago, yet you are running Apache 2.2. OpenSSL 1.1.0f is the current GA version, your servers use OpenSSL 0.9.8. A lot of companies have outdated software running in live environments, making them vulnerable to commonly exploitable weaknesses. Based on the information I have gathered working with dozens of companies, it is commonplace to see servers running open source software that is 5, 10 or even 15 years old. A simple google search for vulnerabilities on these older versions produces exploits and kits that any person can use to wreck your company’s share prices, data and reputation. Learn how to protect yourself, your team and your company from threats by these methods.
We will use some common techniques to upgrade and harden our servers, concentrating on PHP, Apache, and OpenSSL. Hardening the operating system needs to happen as well, but this talk will be centered on the software. Bringing your coworkers, employers and colleagues on board with your migration plan will allow you to more easily move from the old to the new. Here we will cover the skills you need to learn, the resources available to assist you, and the methods to accomplish a migration that will result in a secure and robust production environment.