Hey all,
I just started at a company, and I inherited a very old instance of Expression Engine. It is currently running Expression Engine 2.10 on a Bitnami LAMP stack running a very outdated version of PHP. Essentially this application is getting flagged for Security vulnerabilities because it is running such an old version of PHP (5.4 I believe). I have looked at upgrading the LAMP stack, but I have run into a few errors. I am not sure if I am getting all of the files and whatnot, but I was able to get a number of PHP deprecation errors. I imagine that the old versions of EE are not compatible with the newer versions of PHP?
Either way any help on this matter would be greatly appreciated. I am trying to figure out how to upgrade this instance to no longer have the PHP vulnerabilities, but does that mean I will also need to upgrade the EE version as well?
Thanks in advance!
Your best bet is to update it to 2.11.9, which will be compatible with PHP 5.6 (generally still supported even though deprecated). But there are still some serious security concerns in both EE2 and PHP5.6.
Work on upgrading EE to version 6. This is a pretty seamless process, but will depend on add-ons. From there, you should be able to use PHP 8.
If you’re on the EE Slack, there are a bunch of us who would love to help you!
Packet Tide owns and develops ExpressionEngine. © Packet Tide, All Rights Reserved.