We recently run into problem with security scanning on our Nagios XI server due to php 5.3.3. We would like to upgrade php to 5.6
It looks like from the release note, Nagios XI 5.3.2 does support php 5.6. We will be using CentOS Software Collections repo for php 5.6.
However, multiple packages are no longer exist in all standard channel Red Hat or CentOS but it looks like Nagios XI is still use them such as php-mycrypt, php-pecl-ssh2, and php-mysql. Where do I go to get these packages and still be supported?
Thanks,
Need help upgrading php
-
avandemore
- Posts: 1597
- Joined: Tue Sep 27, 2016 4:57 pm
Re: Need help upgrading php
Nagios XI will run on PHP 5.6 and you can upgrade to it. However it is not covered under support.
I do not know what release notes you're looking but the only thing in our official documentation is this:
I do not know what release notes you're looking but the only thing in our official documentation is this:
This note does not mean Nagios XI supports 5.6 in any official capacity.- Updated sourceguardian loaders supporting up to php 5.6 -SW
Previous Nagios employee
Re: Need help upgrading php
Do you have a supported image for Nagios XI that has new version of PHP? LIke a CentOS 7 image?
-
avandemore
- Posts: 1597
- Joined: Tue Sep 27, 2016 4:57 pm
Re: Need help upgrading php
No, we only support the version of PHP which ships with the distro. For CentOS 7, that is currently 5.4.16.
Previous Nagios employee
Re: Need help upgrading php
Well, that's better than nothing. Should cut down some on the security scan.
Where can I get the Nagios XI CentOS 7? I have the current Nagios XI backed up. Is there a procedure to migrate Nagios IX?
Thanks,
Where can I get the Nagios XI CentOS 7? I have the current Nagios XI backed up. Is there a procedure to migrate Nagios IX?
Thanks,
-
avandemore
- Posts: 1597
- Joined: Tue Sep 27, 2016 4:57 pm
Re: Need help upgrading php
You can download VM's or the source here:
https://www.nagios.com/downloads/nagios-xi/
You should also use caution with those security scanners. They throw many false positives and can lead to much time wasted. If you have specific and legitimate security concerns they should be addressed as we take security very seriously here.
You can create your own minimal + wget CentOS 7 VM and use the source installer.
Migration procedure -- Backing Up And Restoring Your Nagios XI System
https://www.nagios.com/downloads/nagios-xi/
You should also use caution with those security scanners. They throw many false positives and can lead to much time wasted. If you have specific and legitimate security concerns they should be addressed as we take security very seriously here.
You can create your own minimal + wget CentOS 7 VM and use the source installer.
Migration procedure -- Backing Up And Restoring Your Nagios XI System
Previous Nagios employee
Re: Need help upgrading php
Yes, we know that. The pen testers a lot of the time use the scan that only looks for php version and automatically flag you for every CVE possible with that php version. Frustrated as hell but it's a reality we have to deal with.
Re: Need help upgrading php
As a security guy myself, that's a vulnerability assessment more than a pen-test, but I digress :)hqnguyen wrote:Yes, we know that. The pen testers a lot of the time use the scan that only looks for php version and automatically flag you for every CVE possible with that php version. Frustrated as hell but it's a reality we have to deal with.
Was there anything else you needed or were we good to close this?
Former Nagios employee
Re: Need help upgrading php
Both Red Hat and CentOS have Software Collection repo which is supported by Red Hat. This repo does have php 5.6.
You guys do not consider this as a supported option for Nagios XI php package?
You guys do not consider this as a supported option for Nagios XI php package?
Re: Need help upgrading php
I will deploy a RHEL 7 VM and install Nagios XI from source. Is this a supported configuration?