Thursday, May 29, 2008

PCI Compliancy and PHP5 upgrade

We have been in the process of becoming PCI Compliant, which is required of all eCommerce merchants. Most of the requirements are standard security measures which were already in place, other requirements are questionable in a shared hosting environment, and still others...are down-right stupid, in my opinion.

Part of what is required is for the server to be running PHP5.25 and Apache 2.x. These are upgrades that we've been planning to do, but some apps that a few customers are running, not to mention many of the pre-installed scripts provided by Fantastico, are not PHP5 ready.

It's much like Microsoft's "pushing/forcing" users to upgrade to Vista, while many applications aren't yet Vista-compatible. In this case, we have no choice in the matter but to upgrade. The plan is to recompile PHP and Apache to run both PHP4 and PHP5 simultaneously, to allow for support of legacy applications. If this doesn't go as planned then we'll go straight PHP5.

It should be a simple process, but if any unforeseen glitches arise or anything you have installed stops working, please submit a support ticket. I'm trying to contact any users who have Fantastico installed scripts that may not be PHP5 compliant. In most cases there's a newer version of the script available that will work with PHP5, it's just not offered by Fantastico. In these cases we will be happy to help you upgrade the application manually, or do it for you.

The upgrade is planned for Friday, May 30th. As always, I'll post an "all clear" when it's done. There should be no actual downtime involved.