-
Pretplati se
Subscribed
Already have a WordPress.com account? Log in now.
- Privatnost
Several high-profile vulnerabilities affect PHP 7.2 versions. While 7.2.34 patched many, it is frequently cited in GitHub repositories and exploit databases as the "baseline" for legacy systems. CVE-2019-11043 (PHP-FPM Remote Code Execution)
For applications that must continue running on PHP 7.2.34, implement defense‑in‑depth:
PHP 7.2.34 is an older version of PHP, a popular server-side scripting language. Like any software, it has had its share of vulnerabilities. As of my last update, there are several known vulnerabilities in PHP 7.2.x series, some of which have been patched.
location ~ \.php$ try_files $uri =404; # This prevents passing arbitrary paths to PHP-FPM fastcgi_split_path_info ^(.+\.php)(/.+)$; fastcgi_pass unix:/var/run/php/php7.2-fpm.sock; fastcgi_index index.php; include fastcgi_params; Use code with caution. 4. Implement a Web Application Firewall (WAF)
If you have any blocking an upgrade? Share public link
O Duhu i njegovim Moćima