CloudLinux OS Releases HardenedPHP, Secures Vulnerable Old PHP Versions for Hosting Providers

Share Article

New feature secures retired PHP versions currently used in more than 85% of all instances, including PHP 5.4 for which security support ended today

Leading shared hosting operating system (OS) developer CloudLinux announced today the availability of HardenedPHP, an exclusive feature of CloudLinux OS that helps hosting providers secure old and unsupported versions of PHP. In those old versions, including widely used 5.2, 5.3, and, as of yesterday, September 14th, 2015 also 5.4, vulnerabilities, even if discovered, are not patched by the community. CloudLinux OS HardenedPHP patches all PHP versions against known vulnerabilities. Over 100 vulnerabilities, of which many were critical, have been discovered for the unsupported versions of PHP and all have been patched by CloudLinux.

Why securing PHP is critical
PHP is universal and represents more than 80% of all server side scripts. About 85% of all PHP sites use highly popular PHP versions - 5.2, 5.3, and 5.4. Because of this wide application usage PHP is consistently exploited by hackers. Yet, versions 5.2 & 5.3 and, as of yesterday also version 5.4, are unsupported by the community.

“Web developers write their scripts to accommodate for a particular PHP version, and unfortunately, just because a version becomes obsolete, companies are not able to update and change programs to accommodate for newer versions”, said Igor Seletskiy, Founder and CEO at CloudLinux. “Since retired PHP versions are no longer supported by the community to prevent against security issues, CloudLinux OS now includes HardenedPHP, which patches old PHP versions so that hosting companies do not have to force their users to re-write scripts written for an older PHP version, risk breaking their sites, or leave servers and sites unsupported and vulnerable.”

According to, as of 8/15, percentage of websites using PHP subversions of PHP 5 is as follows:

  •     39% PHP 5.3 -- no development, no bug fixes, no security support as of August 2014
  •     14.9% PHP 5.2 -- no development, no bug fixes, no security support as of January 2011
  •     31% PHP 5.4 -- not supported by the community as of yesterday, September 14th, 2015

HardenedPHP, working alongside CloudLinux OS PHP Selector feature, which allows hosting providers to offer various packaged PHP versions on a single shared Web server, ensures maximum stability, security, and high customer retention.

HardenedPHP is free for CloudLinux OS customers. To learn more about CloudLinux OS and its HardenedPHP feature, visit

About CloudLinux
CloudLinux is on a mission to make Linux secure, stable, and profitable. Its flagship product, CloudLinux OS, runs on more than 25,000 production servers today, and is recognized as the best OS for security and efficiency in a shared hosting environment. CloudLinux OS increases server density and enhances security, thus reducing operating costs, decreasing churn rates, and increasing profitability.

With more than 2,500 customers and partners, including LiquidWeb and Dell, and more than 60,000 product installations, CloudLinux combines in-depth technical knowledge of hosting, kernel development, and open source with unique client care expertise.

Visit for more information.

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Inna Gordin
Visit website