My server must become PCI DSS compliant and as part of this i must update PHP, openssl, openssh, and apache to the most current versions.
I want to know the best practice for doing this on a CentOS 6.4 server, what to look out for/what can go wrong, and how to rollback changes if i make a mistake.
There are a number of sites on this server, each is controlled by a cPanel account(to which i have complete access), but only one of them handles credit card data. Initially, i would like to update php for this cpanel account only.
Server version: Apache/2.2.21 (Unix)
Server built: Jan 21 2012 20:57:54
Cpanel::Easy::Apache v3.8.5 rev9999
Server loaded: APR 1.4.5, APR-Util 1.3.12
Compiled using: APR 1.4.5, APR-Util 1.3.12
Server MPM: Prefork
forked: yes (variable process count)
Server compiled with....
-D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
The PHP version displays as 5.2.17 but i'm not convinced that this is true as the cpanel php.ini files are located in /usr/local/cpanel/3rdparty/php/53/* which looks like it's some kind of 5.3.x.
I'm not entirely sure what data you will need from me; so please advise.