PHP 7 has been released and your production environment needs to be upgraded. Apache 2.4 came out 5 years ago, yet you are still running Apache 2.2. OpenSSL 1.1.0f is the current GA release, yet your servers use OpenSSL 0.9.8. Many companies run outdated software in live environments, leaving them exposed to well-known, easily exploitable weaknesses. Based on information gathered working with dozens of companies, it is commonplace to see servers running open source software that is 5, 10, or even 15 years old. A simple Google search for vulnerabilities in these older versions turns up exploits and kits that anyone can use to wreck your company's share price, data, and reputation. This session shows how to protect yourself, your team, and your company from these threats.

We'll use some common techniques to upgrade and harden our servers, concentrating on PHP, Apache, and OpenSSL. Hardening the operating system needs to happen as well, but this session focuses on the software stack. Bringing your coworkers, employers, and colleagues on board with your migration plan will make it easier to move from the old to the new. We'll also cover the skills you need to learn, the resources available to assist you, and the methods to accomplish a migration that results in a secure and robust production environment.
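The first step behind any of this is knowing exactly which PHP, Apache and OpenSSL builds a host is actually running, so that the "5, 10, or even 15 years old" cases can be found before someone else finds them. The script below is an added example written for this page, not code from the talk or its speaker: it reads the version banners of the three tools, compares them numerically against a version floor, and reports anything below it. The floors (PHP 7.0.0, Apache 2.4.0, OpenSSL 1.1.0) are assumptions chosen for illustration from the versions the abstract mentions, not recommendations made by the session; set them from your own upgrade policy.

```shell
#!/bin/sh
# Added example, not from the talk: inventory the installed PHP, Apache and
# OpenSSL versions and flag any that fall below a version floor.
# The floors are assumptions for illustration; adjust them to your policy.

PHP_MIN="7.0.0"
APACHE_MIN="2.4.0"
OPENSSL_MIN="1.1.0"

# version_lt A B: succeed when dotted version A sorts strictly before B.
# Fields are compared as integers (2.4.10 is newer than 2.4.9) and letter
# suffixes such as the "f" in 1.1.0f or the "zh" in 0.9.8zh are ignored.
version_lt() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        gsub(/[^0-9.]/, "", a); gsub(/[^0-9.]/, "", b)
        na = split(a, A, "."); nb = split(b, B, ".")
        n = (na > nb) ? na : nb
        for (i = 1; i <= n; i++) {
            x = (i <= na) ? A[i] + 0 : 0
            y = (i <= nb) ? B[i] + 0 : 0
            if (x < y) exit 0
            if (x > y) exit 1
        }
        exit 1
    }'
}

# parse_version LINE: print the first dotted version number in a banner
# line such as "OpenSSL 1.1.1n  15 Mar 2022" or "PHP 7.4.33 (cli) ...".
parse_version() {
    printf '%s\n' "$1" |
        sed -n 's/^[^0-9]*\([0-9][0-9]*\.[0-9][0-9.]*[a-z]*\).*/\1/p'
}

# installed_version CMD ARGS...: run CMD and parse its banner, or print
# "missing" when CMD is not on PATH, so the script also runs on a host
# that has none of these packages installed.
installed_version() {
    command -v "$1" >/dev/null 2>&1 || { printf 'missing\n'; return 0; }
    parse_version "$("$@" 2>/dev/null | head -n 1)"
}

# check_component NAME VERSION MIN: report one component.
# Returns 0 at or above the floor, 1 below it, 2 when not installed.
check_component() {
    name="$1"; ver="$2"; min="$3"
    if [ "$ver" = "missing" ] || [ -z "$ver" ]; then
        printf '%-8s not installed\n' "$name"
        return 2
    elif version_lt "$ver" "$min"; then
        printf '%-8s %-10s BELOW floor %s: upgrade\n' "$name" "$ver" "$min"
        return 1
    else
        printf '%-8s %-10s ok (floor %s)\n' "$name" "$ver" "$min"
        return 0
    fi
}

# audit_host: check all three components on this machine.
# Succeeds only when nothing installed is below its floor; a component
# that is absent (return code 2) is reported but does not fail the audit.
audit_host() {
    outdated=0
    check_component PHP "$(installed_version php -v)" "$PHP_MIN" \
        || [ $? -ne 1 ] || outdated=$((outdated + 1))
    # Red Hat style systems ship "httpd", Debian style systems "apache2".
    apache=httpd
    command -v httpd >/dev/null 2>&1 || apache=apache2
    check_component Apache "$(installed_version "$apache" -v)" "$APACHE_MIN" \
        || [ $? -ne 1 ] || outdated=$((outdated + 1))
    check_component OpenSSL "$(installed_version openssl version)" "$OPENSSL_MIN" \
        || [ $? -ne 1 ] || outdated=$((outdated + 1))
    [ "$outdated" -eq 0 ]
}

if audit_host; then
    echo "all installed components meet the floor"
else
    echo "one or more components need upgrading"
fi
```

Run it from a configuration-management job or cron on every web host and collect the output centrally; a version string on its own is what you then look up in the vendor's release notes or the CVE database. Note that distribution packages frequently backport security fixes without changing the upstream version number (Red Hat's 2.2.x and 0.9.8 packages are well-known cases), so a "BELOW floor" line is a prompt to check the package changelog, not proof of an unpatched hole.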



I came away with some things that I definitely want to harden on my infrastructure and learned about a range of new threats and mitigations. My only criticism is that the speaker spent too much time covering things I think everyone already knew (e.g. "this is what Apache is"), which took up time that could have been spent elsewhere. In particular, I would have been more interested in hearing specifics about his tips for hardening PHP and Apache. Still a really good talk, though!

Justin Reock at 15:04 on 25 Oct 2017

Wonderful stuff, great overview of hardening our mission critical web infrastructure.