Insecure PHP version for wordpress

NethServer release 7.6.1810 (final )
rpm -qa php

Hi everyone . I’ve just updated Wordpress to version 5.1-it_IT. The wordpress bulletin board tells me that the PHP version is insecure. Do I have to wait for a version release from neth7 updates or something else? Thank you .

No, you could install php-scl. First you have to install stephdl repo

After that you can install php-scl[]=stephdl&s[]=repo

If you have finished installation, you can choose the version at the gui.

1 Like

I suggest you to use this and apply recent PHP version for your wordpress installation.

1 Like

Wordpress is wrong, the version of php is secure.
Red Hat will keep php 5.4 secure for the whole 7 life-cycle (until 2024).

Thanks filippo. So I seem to have understood that wordpress is limited to check the installed php version and detecting the 5.4 warns you. Moreover I tried to install php-scl and from gui I selected version 7.2 as default on apache. Wordpress continues to report the same error.

Please try to restart the httpd service.

I had tried with the command: systemctl restart httpd

Did you install nethserver-wordpress. It could be a try.[]=stephdl&s[]=wordpress

Wordpress has been installed by the stephdl repository for some time. do you propose to re-run the installation?

Perhaps @stephdl has a better answer then me.

Did you configure it?

Please read the wiki page carefully. php-scl [NethServer Wiki]

Hello, after downloading php I limited myself to run from nethserver GUI the latest version then 7.3 and then set it as default for apache. My wordpress as previously written I unload it via the repository. I did not have to create a virtualhost on nethserver and then install wordpress. Can you suggest some tests to do? Thanks and I hope I was clear.

How do you access your wordpress?

e.g. https://yourdomain/wordpress?

Yes I log in regularly as you just listed. https: //myserver.local/wordpress. However, after the update the server continues to run regularly, it only shows the warning that it would be ok to update php without affecting the operation. Thank you .

Then I would suggest to follow the advise of @filippo_carletti and others, to simply ignore for now.

Ok, as suggested by Filippo php is already complete at the patch level. I also believe that if the new version of wordpress is required that requires such dependencies, why not perform a complete update of wordpress with related dependencies? Thank you all .

the wordpress module uses its own virtualhost like you discovered and the php-scl module is for /var/www/html, so you cannot use another version of php. The best advice would be to simply ignore it because redhat backports security patches, or install on your own php71-scl and make a custom template to load php71 in the wordpress virtualhost.

In short IMO it is urgent to wait.


Thank you so much, it’s just what I had written before or I never created a virtualhost to host wordpress but I only downloaded the package from your repository.

yep I created for you a virtualhos that you can find at /etc/httpd/conf.d/zzz_wordpress.conf, with a custom template you could load whatever php version you want

Thank you very much the template and instructions of the case.