Shared Hosting Removal of PHP 7.4 and 8.012 June 2024After the notification in Q4 of 2023 regarding the discontinuation of maintenance for PHP 7.4 and 8.0, it is now time for their removal from our shared hosting web servers. On June 6th, 2024, a critical Remote Code Execution (RCE) vulnerability (CVE-2024-4577) was disclosed. This vulnerability is currently being exploited in the wild to gain system privileges on web servers, leading to ransomware infections for all websites hosted on the same web server.
The latest PHP versions 8.1, 8.2, and 8.3 have been patched. However, PHP 7.4 and PHP 8.0 are still vulnerable, and no patches will be available to secure them. We have implemented measures to secure our servers, but it's possible that attackers may find new ways to exploit these vulnerabilities. To ensure the safety of customer data, we will remove PHP 7.4 and PHP 8.0 from our servers on Monday, July 15th, 2024. If your website is using PHP, please migrate to PHP 8.1, 8.2, or 8.3 before this date. Refer to the following page, which provides instructions on how to change the PHP version used by your website: www.webwiz.net/kb/controlpanel-tutorials/website-change-php-version.htm We will continue to monitor the evolving situation of CVE-2024-4577. If the mitigations we have in place no longer protect web servers, we may need to remove PHP 7.4 and 8.0 before Monday, July 15th, 2024. Therefore, we encourage customers with PHP websites to make any necessary changes as soon as possible. |
 |
