Hackers are using a bug in PHP7 to remotely hijack web servers

Can we get some reassurance that this issue does not affect the CLOUDWAYS PHP stack.

As I understand it PHP on CLOUDWAYS is processed through Apache so this is not at risk from the security flaw in nginx/PHP-FPM

I reviewed the information at the Common Vulnerabilities and Exposures website on this issue (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11043) and found that my sever was vulnerable to this attack, because it had PHP-FPM enabled, Nginx running and PHP version 7.2.23. The CVE site states the following versions of PHP are vulnerable: PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11. I upgraded to PHP 7.3 and found that enabled PHP 7.3.11, so I think this solves the problem.

Yeah I would like to know as well?..

Hello All,

It is to inform you that the vulnerability which you have shared is being exposed to PHP-FPM running with Nginx stack but in Cloudways things are working differently. On our stack, PHP-FPM runs with Apache so this vulnerability is nullified here. You can further check with this link for your reference: https://github.com/neex/phuip-fpizdam

Please let us know if you have any further concerns in this case.

Kind Regards,
Ibad Rehman

Thankyou Ibad, this is the confirmation I was hoping for.

1 Like