
Recent Posts

Pages: 1 ... 8 9 [10]
91
General Linux / How to Install Firefox Quantum 61 in Linux
« Last post by jibinw on July 22, 2018, 05:29:48 pm »
Firefox 61 was officially released for all major OSes, e.g. Linux (32/64 bit), Mac OSX, Windows and Android. The binary packages are now available for download for Linux (POSIX) systems; grab the desired one and enjoy browsing with the new features added to it.

Features of Firefox 61
 
  • Faster switching between tabs on Windows and Linux.
  • Convenient ways of adding new search engines to your browser.
  • Enhancements to the dark theme bundled with Firefox.
  • Other various security and stability fixes.
The new Firefox has also added lots of interesting new features on Android as well. So, don’t wait, just grab the latest Firefox for Android from the Google Play Store and have fun.

Install Firefox Quantum 61 in Linux Systems

Ubuntu users will always get the latest version of Firefox via default Ubuntu’s update channel. But the upgrade isn’t yet available and if you are curious to try it, there is an official Mozilla PPA to test the new version of Firefox Quantum on Ubuntu and its derivatives.
   
Code: [Select]
$ sudo add-apt-repository ppa:mozillateam/firefox-next
$ sudo apt update && sudo apt upgrade
$ sudo apt install firefox

In this guide we’ll cover Firefox Quantum 61 stable installation from tarball sources in Debian and Red Hat based Linux distributions such as Ubuntu, CentOS, Fedora, etc.

The download link for Mozilla tarballs can be found by accessing the below link.

https://www.mozilla.org/en-US/firefox/all/

The process of installing the latest version of Firefox from archive sources is similar for Ubuntu and CentOS desktop version. To begin with, log in to your desktop and open a Terminal console.

Then, issue the below commands in your Terminal in order to download and install Firefox from tarball sources. The installation files will be placed in your distribution /opt directory.

For 32-Bit OS

Code: [Select]
$ cd /opt
$ sudo wget https://download-installer.cdn.mozilla.net/pub/firefox/releases/61.0/linux-i686/en-US/firefox-61.0.tar.bz2
$ sudo tar xfj firefox-61.0.tar.bz2

For 64-Bit OS

Code: [Select]
$ cd /opt
$ sudo wget https://download-installer.cdn.mozilla.net/pub/firefox/releases/61.0/linux-x86_64/en-US/firefox-61.0.tar.bz2
$ sudo tar xfj firefox-61.0.tar.bz2

After the Firefox application files have been decompressed and installed to the /opt/firefox/ system path, execute the below command to launch the browser for the first time. The latest version of Firefox should open in your system.

Code: [Select]
$ /opt/firefox/firefox

In order to create a quick launch icon in your desktop applications menu, issue the following commands in terminal. First change directory to /usr/share/applications/ directory and create a new desktop application quick launcher based on firefox.desktop app launcher. The new launcher will be named mozilla-quantum.desktop.

Code: [Select]
$ cd /usr/share/applications/
$ sudo cp firefox.desktop firefox-quantum.desktop

Afterwards, open firefox-quantum.desktop file for editing and search and update the following lines.

Code: [Select]
Name=Firefox Quantum Web Browser
Exec=/opt/firefox/firefox %u
Exec=/opt/firefox/firefox -new-window
Exec=/opt/firefox/firefox -private-window

Save and close the file changes. Launch Mozilla Quantum by navigating to Applications -> Internet menu where a new Firefox Quantum launcher should appear. In Ubuntu desktop just search for quantum in Unity dash.

After hitting on the shortcut icon, you should see the new Mozilla Quantum browser in action in your system.
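The tarball steps above unpack a download into /opt as root, so the archive is worth checking first. The following is an added example, not part of the original post: it assumes you have also fetched the SHA256SUMS manifest that Mozilla publishes with each release and have checked that manifest's signature separately; the function names are hypothetical. Both the 32-bit and 64-bit tarballs are named firefox-61.0.tar.bz2, so the lookup matches the full relative path rather than the file name.

```shell
#!/bin/sh
# Added example: verify a release tarball against a SHA256SUMS-style manifest
# before unpacking it as root. Function names are hypothetical.

# verify_tarball MANIFEST ENTRY FILE
#   MANIFEST  lines of "<hex digest>  <relative path>"
#   ENTRY     relative path to look up, e.g. linux-x86_64/en-US/firefox-61.0.tar.bz2
#   FILE      the downloaded file on disk
# Returns 0 on match, 1 on digest mismatch, 2 if ENTRY is missing or listed twice.
verify_tarball() {
    vt_manifest="$1"; vt_entry="$2"; vt_file="$3"
    # Compare the whole path field; a bare file name would match both
    # architectures because they share the same tarball name.
    vt_matches=$(awk -v e="$vt_entry" \
        '{ p = $2; sub(/^\*/, "", p); if (p == e) print $1 }' "$vt_manifest")
    [ -n "$vt_matches" ] || return 2
    [ "$(printf '%s\n' "$vt_matches" | wc -l)" -eq 1 ] || return 2
    vt_expected=$(printf '%s' "$vt_matches" | tr 'A-F' 'a-f')
    vt_actual=$(sha256sum "$vt_file" | awk '{ print $1 }')
    [ "$vt_expected" = "$vt_actual" ]
}

# install_verified MANIFEST ENTRY FILE DEST
# Extracts only after the digest check passes.
install_verified() {
    if ! verify_tarball "$1" "$2" "$3"; then
        echo "refusing to extract $3: digest check failed" >&2
        return 1
    fi
    # --no-same-owner: when run as root, do not restore the uid/gid stored in
    # the archive; extracted files end up owned by root instead.
    tar -xjf "$3" -C "$4" --no-same-owner
}

# Demo on constructed data: a stand-in file and a manifest that lists it.
demo_verify() {
    dv_dir=$(mktemp -d) || return 1
    printf 'constructed sample payload\n' > "$dv_dir/firefox-61.0.tar.bz2"
    ( cd "$dv_dir" && sha256sum firefox-61.0.tar.bz2 |
        sed 's#  #  linux-x86_64/en-US/#' > SHA256SUMS )
    dv_rc=0
    verify_tarball "$dv_dir/SHA256SUMS" linux-x86_64/en-US/firefox-61.0.tar.bz2 \
        "$dv_dir/firefox-61.0.tar.bz2" || dv_rc=$?
    echo "untouched download: exit $dv_rc"
    # Simulate tampering or a truncated transfer.
    printf 'x' >> "$dv_dir/firefox-61.0.tar.bz2"
    dv_rc=0
    verify_tarball "$dv_dir/SHA256SUMS" linux-x86_64/en-US/firefox-61.0.tar.bz2 \
        "$dv_dir/firefox-61.0.tar.bz2" || dv_rc=$?
    echo "modified download:  exit $dv_rc"
    rm -rf "$dv_dir"
}

demo_verify
```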

92
General Linux / Running Icingaweb2 on Ubuntu 16.04.1 LTS
« Last post by akhilt on July 22, 2018, 10:29:52 am »
Running Icingaweb2 on Ubuntu 16.04.1 LTS

I have recently installed and configured Icingaweb2 on Ubuntu 16.04.01 LTS system.

The documentation to do this seems rather sparse, and what is out there doesn’t really take into account some apparent bugs that I found in Ubuntu 16.10. I don’t know why an LTS system should have these problems, but here they are.

The package for libzend-framework-php puts all of its PHP files into the directory /usr/share/php/libzend-framework-php – but PHP itself will not find these files. PHP needs to be configured to find these files, but looks in /usr/share/php/Zend instead.

It appears that PHP 7.0 is configured to handle this, but 7.1 and 5.6 are not. Rather than mess with it all the time, I moved everything to the already existing directory /usr/share/Zend. After that, PHP worked – I was using 5.6 on the basis that Icinga2 has compatibility problems with 7 – can’t say if that is true or not, but it is something to watch for.

I fixed the problem of /usr/share/php/libzend-framework-php this way:

Code: [Select]
cd /usr/share/php/libzend-framework-php/Zend/

mv ./* /usr/share/php/Zend/

That moves everything, but be aware that this “breaks” the package and updates will not happen correctly unless you move those too. You could create a link named /usr/share/php/libzend-framework-php and point it to the current directory, but what if the upgrade process removes everything in that directory? I wouldn’t recommend it.

Another problem was with the HTMLPurifier package. When it installs, everything named HTMLPurifier* is put into /usr/share/php. What this means is that all of the PHP files named HTMLPurifier.something.php are placed in the wrong directory.

You can fix this with:

Code: [Select]
cd /usr/share/php

mv HTMLPurifier.* HTMLPurifier/

Hope this information works for all, Thank you!

93
General Discussion / MALWARE-CNC Win.Trojan.ZeroAccess inbound connection
« Last post by nidhinjo on July 21, 2018, 06:27:06 pm »
Trojan.Zeroaccess
Trojan.ZeroAccess is a Trojan horse computer malware that affects Microsoft Windows operating systems. It is used to download other malware on an infected machine from a botnet while remaining hidden using rootkit techniques. Trojan.Zeroaccess is a Trojan horse that uses an advanced rootkit to hide itself. It can also create a hidden file system, download more malware, and open a back door on the compromised computer.

The Trojan is called ZeroAccess due to a string found in the kernel driver code that is pointing to the original project folder called ZeroAccess. It is also known as max++ as it creates a new kernel device object called __max++>.

Infection

This threat is distributed through several means. Some websites have been compromised, redirecting traffic to malicious websites that host Trojan.Zeroaccess and distribute it using the Blackhole Exploit Toolkit and the Bleeding Life Toolkit. This is the classic "drive-by download" scenario. It also updates itself through peer-to-peer networks, which makes it possible for the authors to improve it as well as potentially add new functionality.

Functionality

The primary motivation of this threat is to make money through pay per click advertising. It does this by downloading an application that conducts Web searches and clicks on the results. This is known as click fraud, which is a highly lucrative business for malware creators.

The threat is also capable of downloading other threats on to the compromised computer, some of which may be Misleading Applications that display bogus information about threats found on the computer and scare the user into purchasing fake antivirus software to remove the bogus threats. It is also capable of downloading updates of itself to improve and/or fix functionality of the threat. This attack is considered as vulnerable when the attack happened on a Windows-based server. If it's happening on a Linux-based system it can be considered as a false positive.

Prevention
1) User behaviour and precautions
Users can mitigate the risk of infection by being careful about clicking links found on websites, such as blogs and forums where there is potentially little control or quality checks on the content. Basic checks such as hovering with the mouse pointer over the link will normally show where the link leads to.
2) Patch operating system and software
Users are advised to ensure that their operating systems and any installed software are fully patched, and antivirus and firewall software are up to date and operational. Users are recommended to turn on automatic updates if available so that their computers can receive the latest patches and updates when they are made available.
3) Infection Method
As this threat is a Trojan, by definition it doesn't actively spread by itself. Therefore, it needs to use other methods to arrive on a compromised computer. Most commonly, Zeroaccess is spread through websites that have been compromised and redirect traffic to a malicious website that then, in turn, distribute it using the Blackhole Exploit Toolkit and the Bleeding Life Toolkit. These toolkits then attempt to exploit various vulnerabilities to penetrate the computer and infect it with Zeroaccess. It has also been observed updating itself through peer-to-peer networks. This allows the creators to continually improve the functionality of the threat as well as potentially add new functionality.
4) Functionality
The primary motivation of this threat is to make money through pay per click advertising and bitcoin mining. It does this by downloading additional software that conducts Web searches and clicks on the results or mines bitcoins. It attempts to stay hidden and undetected for as long as possible to maximize revenue generation opportunity. It does this by employing advanced rootkit techniques that hide not only the threat itself but also any other threats that Zeroaccess may download and install.

Recommendations
1) Use a firewall to block all incoming connections from the Internet to services that should not be publicly available. By default, you should deny all incoming connections and only allow services you explicitly want to offer to the outside world.
2) Enforce a password policy. Complex passwords make it difficult to crack password files on compromised computers. This helps to prevent or limit damage when a computer is compromised.
3) Ensure that programs and users of the computer use the lowest level of privileges necessary to complete a task. When prompted for a root or UAC password, ensure that the program asking for administration-level access is a legitimate application.
4) Disable AutoPlay to prevent the automatic launching of executable files on network and removable drives, and disconnect the drives when not required. If write access is not required, enable read-only mode if the option is available.
5) Turn off file sharing if not needed. If file sharing is required, use ACLs and password protection to limit access. Disable anonymous access to shared folders. Grant access only to user accounts with strong passwords to folders that must be shared.
6) Turn off and remove unnecessary services. By default, many operating systems install auxiliary services that are not critical. These services are avenues of attack. If they are removed, threats have fewer avenues of attack.
7) If a threat exploits one or more network services, disable, or block access to, those services until a patch is applied.
8) Always keep your patch levels up-to-date, especially on computers that host public services and are accessible through the firewall, such as HTTP, FTP, mail, and DNS services.
9) Configure your email server to block or remove email that contains file attachments that are commonly used to spread threats, such as .vbs, .bat, .exe, .pif and .scr files.
10) Isolate compromised computers quickly to prevent threats from spreading further. Perform a forensic analysis and restore the computers using trusted media.
11) Train employees not to open attachments unless they are expecting them. Also, do not execute software that is downloaded from the Internet unless it has been scanned for viruses. Simply visiting a compromised Web site can cause infection if certain browser vulnerabilities are not patched.
12) If Bluetooth is not required for mobile devices, it should be turned off. If you require its use, ensure that the device's visibility is set to "Hidden" so that it cannot be scanned by other Bluetooth devices. If device pairing must be used, ensure that all devices are set to "Unauthorized", requiring authorization for each connection request. Do not accept applications that are unsigned or sent from unknown sources.
94
General Discussion / ET WEB_SPECIFIC_APPS Vulnerable Magento Adminhtml Access
« Last post by nidhinjo on July 21, 2018, 06:23:58 pm »
The vulnerability is actually comprised of a chain of several vulnerabilities that ultimately allow an unauthenticated attacker to execute PHP code on the web server. The attacker bypasses all security mechanisms and gains control of the store and its complete database, allowing credit card theft or any other administrative access into the system.

This attack is not limited to any particular plugin or theme. All the vulnerabilities are present in the Magento core, and affect any default installation of both Community and Enterprise Editions. Check Point customers are already protected from exploitation attempts of this vulnerability through the IPS software blade.

How did Check Point discover this vulnerability?


Magento-based e-Commerce businesses are advised to apply the designated patch SUPEE-5344 released by Magento. Although Check Point did not witness any exploitation attempts of this vulnerability in the wild, administrators are advised to monitor logs for patterns matching the technical description.

Check Point IPS currently protects against exploitation attempts of this vulnerability.

Vulnerable Versions


Confirmed vulnerable: 1.9.1.0 CE and 1.14.1.0 EE

Synopsis


Magento is a popular eCommerce platform purchased by eBay in 2011. It has 2 versions:
• A community version, which is open-sourced and contains code contributed from the community.
• An enterprise version, which offers more features as well as customer support and other premium benefits.

We discovered a vulnerability-chain which ultimately allows an unauthenticated attacker to execute PHP code in the vulnerable server. This chain consists of a number of vulnerabilities, which are described further in the technical description.
These vulnerabilities have been assigned CVE-2015-1397, CVE-2015-1398, CVE-2015-1399.

Disclosure Timeline


January 14, 2015 – First contact with Magento Security
January 15, 2015 – Provided complete vulnerability report including suggested fixes
February 9, 2015 – Patch Released by Magento (SUPEE-5344 available here)
April 22, 2015 – Public Disclosure
95
General Discussion / SERVER-APACHE Apache Struts remote code execution attempt
« Last post by nidhinjo on July 21, 2018, 06:20:38 pm »
Summary

A critical vulnerability has been discovered in the Apache Struts web application framework for Java web applications. A remote code execution attack is possible when using the Apache Struts REST plugin with XStream handler to deserialise XML requests. The REST Plugin is using a XStreamHandler with an instance of XStream for deserialization without any type filtering and this can lead to Remote Code Execution when deserializing XML payloads. All versions of Struts since 2008 are affected; all web applications using the framework’s popular REST plugin are vulnerable. Shortly after the patched versions of Struts were released on 5 September, multiple working exploits were observed on various internet sites.

Impact


Attackers can execute arbitrary code remotely by exploiting this vulnerability.
Vulnerable
    >> Apache Struts 2.0.1 - 2.3.33
    >> Apache Struts 2.5 - 2.5.12
    >> All versions of Apache Struts released since 2008

Any security vulnerability can be potentially disastrous, but any that allows Remote Code Execution are especially worrying. This vulnerability is potentially very damaging due to the large number of sites that rely upon this framework. Coupled with the complexities to remediate, as code will have to be changed as opposed to just applying a vendor patch, this has the potential to be worse than the ‘POODLE’ attack was. Finding this highlights the power that static code analysis can bring, and if something this severe can be in such a well known public library, just imagine what it could find in your code base.

Recommendations


>>Upgrade to Apache Struts 2.5.13 immediately.

    No workaround is possible, the best option is to remove the Struts REST plugin when not used or limit it to server normal pages and JSONs only. Please see Apache Struts Security Advisory S2-052 for details.

    Many popular vendor products utilize Java and the Struts web application framework. If you manage a Java web application, check with your vendor or developer to determine if the application is using Struts and if it is vulnerable. Install any vendor application patches that address CVE-2017-9805 immediate
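One way to find deployments that fall in the version ranges listed above, as an added example that is not part of the original post. It assumes exploded deployments in which the plugin ships as struts2-rest-plugin-<version>.jar, that GNU `sort -V` is available, and that jars packed inside .war archives are inspected separately; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: inventory Struts REST plugin jars under a directory and flag
# the versions that fall inside the ranges listed in the post
# (2.0.1 - 2.3.33 and 2.5 - 2.5.12). Function names are hypothetical.

# version_le A B: succeeds when dotted version A <= B (relies on GNU sort -V).
version_le() {
    [ "$1" = "$2" ] && return 0
    [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)" = "$1" ]
}

# struts_listed_vulnerable VERSION: succeeds when VERSION is inside one of the
# two ranges given in the post.
struts_listed_vulnerable() {
    slv="$1"
    { version_le 2.0.1 "$slv" && version_le "$slv" 2.3.33; } ||
    { version_le 2.5 "$slv" && version_le "$slv" 2.5.12; }
}

# scan_struts_rest ROOT: print one line per REST plugin jar found under ROOT:
#   LISTED-VULNERABLE <version> <path>   or   not-listed <version> <path>
scan_struts_rest() {
    find "$1" -type f -name 'struts2-rest-plugin-*.jar' | sort |
    while IFS= read -r ssr_jar; do
        # Strip the directory and artifact prefix, then the .jar suffix.
        ssr_ver=${ssr_jar##*/struts2-rest-plugin-}
        ssr_ver=${ssr_ver%.jar}
        if struts_listed_vulnerable "$ssr_ver"; then
            printf 'LISTED-VULNERABLE %s %s\n' "$ssr_ver" "$ssr_jar"
        else
            printf 'not-listed %s %s\n' "$ssr_ver" "$ssr_jar"
        fi
    done
}

# Demo on a constructed directory tree (empty placeholder files, not real jars).
demo_struts_scan() {
    dss_root=$(mktemp -d) || return 1
    for dss_v in 2.3.33 2.5.12 2.5.13; do
        mkdir -p "$dss_root/app-$dss_v/WEB-INF/lib"
        : > "$dss_root/app-$dss_v/WEB-INF/lib/struts2-rest-plugin-$dss_v.jar"
    done
    scan_struts_rest "$dss_root"
    rm -rf "$dss_root"
}

demo_struts_scan
```

A jar that is present but unused still shows up here; removing the plugin where it is not needed is the option the post recommends.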

96
General Discussion / SERVER-ORACLE Oracle WebLogic Server remote command execution attempt
« Last post by nidhinjo on July 21, 2018, 06:08:50 pm »
This signature fires upon detecting attempts to exploit a command execution vulnerability in Oracle WebLogic. Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Security). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.1.0 and 12.2.1.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).  This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.  This signature detects attempts to exploit a remote code execution vulnerability in Oracle WebLogic server. Oracle WebLogic Server is prone to a remote security vulnerability in WLS Security. The vulnerability can be exploited over the 'HTTP' protocol.

CVSS Scores & Vulnerability Types

Code: [Select]
CVSS Score              5.0
Confidentiality Impact     None (There is no impact to the confidentiality of the system.)
Integrity Impact         None (There is no impact to the integrity of the system)
Availability Impact     Partial (There is reduced performance or interruptions in resource availability.)
Access Complexity        Low (Specialized access conditions or extenuating circumstances do not exist. Very little knowledge or skill is required to exploit. )
Authentication             Not required (Authentication is not required to exploit the vulnerability.)
Gained Access             None

Affected

This vulnerability affects the following supported versions: 10.3.6.0.0, 12.1.3.0.0, 12.2.1.1.0, 12.2.1.2.0.

Workarounds

Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply CPU fixes as soon as possible. Until you apply the CPU fixes, it may be possible to reduce the risk of successful attack by blocking network protocols required by an attack. For attacks that require certain privileges or access to certain packages, removing the privileges or the ability to access the packages from users that do not need the privileges may help reduce the risk of successful attack. Both approaches may break application functionality, so Oracle strongly recommends that customers test changes on non-production systems. Neither approach should be considered a long-term solution as neither corrects the underlying problem.

Critical Patch Update Supported Products and Versions

Patches released through the Critical Patch Update program are provided only for product versions that are covered under the Premier Support or Extended Support phases of the Lifetime Support Policy. We recommend that customers plan product upgrades to ensure that patches released through the Critical Patch Update program are available for the versions they are currently running.

Product releases that are not under Premier Support or Extended Support are not tested for the presence of vulnerabilities addressed by this Critical Patch Update. However, it is likely that earlier versions of affected releases are also affected by these vulnerabilities. As a result, Oracle recommends that customers upgrade to supported versions.

97
General Discussion / ET WEB_SPECIFIC_APPS Possible WP CuckooTap Arbitrary File Download
« Last post by nidhinjo on July 21, 2018, 06:06:01 pm »
This signature detects HTTP requests that attempt to exploit a remote file include vulnerability in the Wordpress links.all.php script. Wordpress allows users to generate news pages and weblogs dynamically. It uses PHP and a MySQL database to generate dynamic pages. A vulnerability has been reported for Wordpress. The problem is said to occur due to insufficient sanitization of user-supplied URI parameters.

Specifically the '$abspath' variable, which is used as an argument to the PHP require() function, is not sufficiently sanitized of malicious input. As a result, an attacker may be capable of including a malicious 'blog.header.php' from a controlled web server. This may result in the execution of PHP commands located within the script. Successful exploitation of this vulnerability would allow an attacker to execute arbitrary PHP commands on a target server, with the privileges of Wordpress. PHP remote file inclusion vulnerability in wp-links/links.all.php in WordPress 0.70 allows remote attackers to execute arbitrary PHP code via a URL in the $abspath variable.

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

CVSS Scores & Vulnerability Types

Code: [Select]
CVSS Score                  7.5
Confidentiality Impact      Partial (There is considerable informational disclosure.)
Integrity Impact              Partial (Modification of some system files or information is possible, but the attacker does not have control over what can be modified, or the scope of what the attacker can affect is limited.)
Availability Impact           Partial (There is reduced performance or interruptions in resource availability.)
Access Complexity          Low (Specialized access conditions or extenuating circumstances do not exist. Very little knowledge or skill is required to exploit. )
Authentication               Not required (Authentication is not required to exploit the vulnerability.)
Gained Access              None
Vulnerability Type(s)      Execute Code, File Inclusion
CWE ID                        94

Products Affected By CVE-2003-1599

-Wordpress 0.70

Solution

-Update the Wordpress to the latest version
98
General Discussion / ET WEB_SPECIFIC_APPS Possible JBoss JMX Console Beanshell Deployer WAR Upload
« Last post by nidhinjo on July 21, 2018, 06:00:44 pm »
This module can be used to install a WAR file payload on JBoss servers that have an exposed "jmx-console" application. The payload is put on the server by using the jboss.system:BSHDeployer's createScriptDeployment() method. This signature detects attempts to exploit a vulnerability in JBoss which could result in remote code execution. The default configuration of JBoss does not restrict access to the console and web management interfaces. This allows remote attackers to bypass authentication and gain administrative access via direct requests.

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Affected Products

RedHat JBoss Enterprise Application Platform 4.3 & 4.3 EL5 & 4.3 EL4
RedHat JBoss Enterprise Application Platform 4.2 & 4.2 EL5 & 4.2 EL4

CVSS Scores & Vulnerability Types

Code: [Select]
CVSS Score              5.0
Confidentiality Impact        Partial (There is considerable informational disclosure.)
Integrity Impact               None (There is no impact to the integrity of the system)
Availability Impact             None (There is no impact to the availability of the system.)
Access Complexity              Low (Specialized access conditions or extenuating circumstances do not exist. Very little knowledge or skill is required to exploit. )
Authentication                    Not required (Authentication is not required to exploit the vulnerability.)
Gained Access                   None
CWE ID                                264

Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

Fixes

    BZ - 571905 - Tracker bug for the EAP 4.3.0.cp08 release.
    BZ - 574105 - CVE-2010-0738 JBoss EAP jmx authentication bypass with crafted HTTP request
    BZ - 585899 - CVE-2010-1428 JBoss Application Server Web Console Authentication bypass
    BZ - 585900 - CVE-2010-1429 JBossEAP status servlet info leak
99
General Discussion / ET WEB_SPECIFIC_APPS Possible Apache Struts OGNL Expression Injection
« Last post by nidhinjo on July 21, 2018, 05:56:39 pm »
Apache Struts is a free and open-source framework used to build Java web applications. We looked into several past Remote Code Execution (RCE) vulnerabilities reported in Apache Struts and observed that in most of them, attackers have used Object Graph Navigation Language (OGNL) expressions. The use of OGNL makes it easy to execute arbitrary code remotely because Apache Struts uses it for most of its processes.

Using OGNL, a researcher found a new remote code execution vulnerability in Apache Struts 2, designated as CVE-2017-5638. An exploit has been reported to be already in the wild.

It allows a remote attacker to inject operating system commands into a web application through the “Content-Type” header. Written in Java, Apache Struts 2 is a popular open source web application framework. This is yet another incident that adds to a long list of vulnerabilities in this framework.

Different Scenarios

This particular vulnerability can be exploited if the attacker sends a crafted request to upload a file to a vulnerable server that uses a Jakarta-based plugin to process the upload request. The attacker can then send malicious code in the Content-Type header to execute the command on a vulnerable server.

According to Apache, the vulnerability exists in the Jakarta Multipart parser. When an invalid value is placed in the Content-Type header, an exception is thrown. The exception is used to display the error to the user. An attacker can exploit this vulnerability to escape the data scope into the execution scope through the Content-Type header.

A vulnerability in Apache Struts could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system. The vulnerability is due to improper handling of user requests by the affected software. An attacker could exploit the vulnerability by sending crafted HTTP requests to a server using a vulnerable version of the software. An exploit could allow an attacker to execute arbitrary Object-Graph Navigation Language (OGNL) code on the system.

Affected Version

Apache Struts versions 2.0.0 to 2.3.14.2 are vulnerable.

Technical Explanation

The vulnerability is due to the way action names passed via Wildcard Matching to the server are evaluated by OGNL. The vulnerability allows arbitrary OGNL expressions encoded in a URL to be evaluated, bypassing both struts and OGNL library protections.

An unauthenticated, remote attacker could exploit this vulnerability by sending an HTTP request that contains a crafted action name to the vulnerable software. If successful, the attacker could execute arbitrary OGNL code on the system.

Method of Approach

To exploit the vulnerability, the attacker may need access to trusted or internal networks to transmit crafted HTTP requests to the targeted system. This access requirement could limit the likelihood of a successful exploit.

Preventions

1) Apply the appropriate updates. Upgrade to Struts 2.3.14.3

2) Allow only trusted users to have network access.

3) Implement an intrusion prevention system (IPS) or intrusion detection system (IDS) to help detect and prevent attacks that attempt to exploit this vulnerability.
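The post ties the Content-Type issue to an invalid header value, so a log review can check that logged values are plain media types. This is an added example, not part of the original post: the tab-separated log format, the sample lines and the function names are assumptions, and the `%{` / `${` check reflects the usual OGNL expression delimiters rather than anything quoted in the post.

```shell
#!/bin/sh
# Added example: flag logged Content-Type values that are not a plain media type.
# Assumed log format (not from the post): ip<TAB>method<TAB>path<TAB>content-type

# type and subtype use the RFC 6838 restricted-name characters; parameters are
# name=value with a bare or double-quoted value. Braces are never accepted.
NAME='[A-Za-z0-9][A-Za-z0-9!#$&^_.+-]*'
PARAM='[[:blank:]]*;[[:blank:]]*[A-Za-z0-9_.-]+=([A-Za-z0-9_.+-]+|"[A-Za-z0-9 _.()+,/:=?-]*")'
CT_RE="^${NAME}/${NAME}(${PARAM})*[[:blank:]]*\$"

# classify_content_type VALUE: prints absent, ok, ognl-marker or malformed.
classify_content_type() {
    cct="$1"
    case "$cct" in
        ''|-) echo absent; return 0 ;;
        *'%{'*|*'${'*) echo ognl-marker; return 0 ;;
    esac
    if printf '%s\n' "$cct" | grep -Eq "$CT_RE"; then
        echo ok
    else
        echo malformed
    fi
}

# scan_log FILE: print label, client, method and path for every request whose
# Content-Type is neither absent nor a well-formed media type.
scan_log() {
    while IFS="$(printf '\t')" read -r sl_ip sl_method sl_path sl_ct; do
        sl_label=$(classify_content_type "$sl_ct")
        case "$sl_label" in
            ok|absent) ;;
            *) printf '%s\t%s\t%s\t%s\n' "$sl_label" "$sl_ip" "$sl_method" "$sl_path" ;;
        esac
    done < "$1"
}

# Demo on constructed log lines (documentation IP ranges, made-up paths).
demo_scan() {
    ds_log=$(mktemp) || return 1
    {
        printf '%s\t%s\t%s\t%s\n' 192.0.2.10 POST /upload.action \
            'multipart/form-data; boundary=----WebKitFormBoundaryAbC123'
        printf '%s\t%s\t%s\t%s\n' 192.0.2.11 GET /index.action '-'
        printf '%s\t%s\t%s\t%s\n' 198.51.100.7 POST /upload.action \
            '%{1+1}.multipart/form-data'
        printf '%s\t%s\t%s\t%s\n' 198.51.100.8 POST /upload.action \
            'multipart/form-data{x}'
    } > "$ds_log"
    scan_log "$ds_log"
    rm -f "$ds_log"
}

demo_scan
```

Apache httpd can record the header with `%{Content-Type}i` in a LogFormat directive; default access log formats do not include it.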
100
General Linux / Install PHP 7.x on CentOS 7 / RHEL 7 Server
« Last post by jibinw on July 21, 2018, 04:53:11 pm »
As we know, PHP is the most important part of LAMP applications (WordPress, Joomla, Drupal, MediaWiki, etc.). Nowadays most of these applications require PHP 7 for their installation and configuration. The main advantage of PHP 7.x is that it will load your web application faster and will consume fewer server resources like CPU and RAM.

By default, PHP 5.4 is available in CentOS 7 and RHEL 7 yum repositories. In this article we will see how to install the latest version of PHP on CentOS 7 and RHEL 7 Servers.

Installation Steps of PHP 7.0, 7.1 & 7.2 on CentOS 7 Server

1) Install yum-utils and enable EPEL repository

Login to your server and use the below yum command to install yum-utils & enable epel repository

Code: [Select]
[root@localhost ~]# yum install epel-release yum-utils -y

2) Download and Install remirepo using yum command

Code: [Select]
[root@localhost ~]# yum install http://rpms.remirepo.net/enterprise/remi-release-7.rpm

3) Based on your requirement, configure the PHP 7.x repository

To configure PHP 7.0 repository, use below command,

Code: [Select]
[root@localhost ~]# yum-config-manager --enable remi-php70

To configure PHP 7.1 repository, use below command,

Code: [Select]
[root@localhost ~]# yum-config-manager --enable remi-php71

To configure PHP 7.2 repository, use below command

Code: [Select]
[root@localhost ~]# yum-config-manager --enable remi-php72

4) Install PHP 7.2 along with dependencies.

In this tutorial, I will install the latest version of PHP 7.2 along with its modules. Run the yum command below:

Code: [Select]
[root@localhost ~]# yum install php php-common php-opcache php-mcrypt php-cli php-gd php-curl php-mysql -y

Note: To search all PHP modules use below command:

Code: [Select]
[root@localhost ~]# yum search php | more

5) Verify the PHP version

Once all the PHP 7.2 and its dependencies are installed in step4), use below command to verify the installed PHP version,

Code: [Select]
[root@localhost ~]# php -v
PHP 7.2.7 (cli) (built: Jun 20 2018 08:21:26) ( NTS )
Copyright (c) 1997-2018 The PHP Group
Zend Engine v3.2.0, Copyright (c) 1998-2018 Zend Technologies
    with Zend OPcache v7.2.7, Copyright (c) 1999-2018, by Zend Technologies
[root@localhost ~]#

Installation Steps of PHP 7.x on RHEL 7 Server

1) Enable EPEL, RHEL 7 Server Optional repository and Install remirepo rpm

Login to your RHEL 7 Server and run the beneath commands one after the another to enable EPEL repository, install remirepo and enable RHEL 7 Server optional repository

Code: [Select]
[root@localhost ~]# rpm -Uvh https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
[root@localhost ~]# wget http://rpms.remirepo.net/enterprise/remi-release-7.rpm
[root@localhost ~]# rpm -Uvh remi-release-7.rpm   # EPEL was already installed from its URL above; only the remi rpm is a local file
[root@localhost ~]# subscription-manager repos --enable=rhel-7-server-optional-rpms


2) Configure PHP 7.x repo

Code: [Select]
[root@localhost ~]# yum install yum-utils
[root@localhost ~]# yum-config-manager --enable remi-php72

3) Install PHP 7.2 and its dependencies

Code: [Select]
[root@localhost ~]# yum install php php-common php-opcache php-mcrypt php-cli php-gd php-curl php-mysql -y

4) Verify PHP Version

Code: [Select]
[root@localhost ~]# php -v

PHP 7 Test Page Verification

I am assuming Apache web Server is installed on your system, start its service using below systemctl command

Code: [Select]
[root@localhost ~]# systemctl start httpd
[root@localhost ~]#

Now create a info.php file under /var/www/html with following contents,

Code: [Select]
[root@localhost ~]# cd /var/www/html/
[root@localhost html]# vi info.php
<?php
phpinfo();
?>

Open the web browser and type the ip of your server followed by info.php,

Code: [Select]
http://Server-IP-Address/info.php