Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:112828
Return-Path: <rene.veerman.netherlands@gmail.com>
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 94980 invoked from network); 10 Jan 2021 08:33:04 -0000
Received: from unknown (HELO php-smtp4.php.net) (45.112.84.5)
  by pb1.pair.com with SMTP; 10 Jan 2021 08:33:04 -0000
Received: from php-smtp4.php.net (localhost [127.0.0.1])
	by php-smtp4.php.net (Postfix) with ESMTP id B28541804E4
	for <internals@lists.php.net>; Sun, 10 Jan 2021 00:10:28 -0800 (PST)
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on php-smtp4.php.net
X-Spam-Level: 
X-Spam-Status: No, score=0.6 required=5.0 tests=BAYES_50,DKIM_SIGNED,
	DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_FROM,HTML_MESSAGE,
	RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,SPF_HELO_NONE,
	SPF_PASS autolearn=no autolearn_force=no version=3.4.2
X-Spam-Virus: No
X-Envelope-From: <rene.veerman.netherlands@gmail.com>
Received: from mail-ej1-f46.google.com (mail-ej1-f46.google.com [209.85.218.46])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange ECDHE (P-256) server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(No client certificate requested)
	by php-smtp4.php.net (Postfix) with ESMTPS
	for <internals@lists.php.net>; Sun, 10 Jan 2021 00:10:28 -0800 (PST)
Received: by mail-ej1-f46.google.com with SMTP id b9so20427157ejy.0
        for <internals@lists.php.net>; Sun, 10 Jan 2021 00:10:28 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20161025;
        h=mime-version:from:date:message-id:subject:to;
        bh=2NMe2aTNRlicJPzaBhw/B+z2K7RVaZIClZ1gbAMmD4Y=;
        b=VgE1UM8cwdocXTdxAdkoCpqUUrEIAKSwqEfgApIpxSY8M4V2HBhoZRmGXbdvv1OFgP
         oZup4LtffKGbfsYbCyh6OebUhUXy2h9rwCbBpxmN6r0vkt1gVGfxUfQ6DEE9FDk0Tj3B
         BcpQwwsmGBkNEFS3C/9D/89T2uUZ2740A2qgNF0bP+oA6dCtZk6IBGzL+M6OjVNCr30Q
         FDIOlbj27NMRyYnmcyjMM40QfZvMvGcxdSh7ITbNuRKiDyC8dwkygCpLcx5F0IrY1FN7
         PE/tsa5XOpedUwKrio6q/f/8OTxYIYpS7cwxTzTRcre9/Ta+QAxgPHU2ti9+IyGF6VBr
         hSJg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:from:date:message-id:subject:to;
        bh=2NMe2aTNRlicJPzaBhw/B+z2K7RVaZIClZ1gbAMmD4Y=;
        b=YFu060/MBDwr9uTwMXnm4fEzkQF/env9PPenCS17ckmgnpnsefamiTNtROluFdXX2h
         j9fHoL9JeqUyNi0thb42QLla3Z5uqrszWX38wg+GFt3z6vjXvr+LRr7fKP22bofUqLEd
         d1r6MjfGEurROIulMhIo6v90wj7QLGPJXdbi8AspxjdjiF97DDicWKySZT0J7ZKuP8kz
         SB5Ss+CgvmkDcBhX8Nl1v0DKIwwduDanDAzEM+GP0lLbwsUGQDhAICz+DFa+X1QDC3tu
         Sj8rCTlHEpd6XKgJlLqDW/TlqQAIXvxUDexaQBfaJ2PkOd8sptll+RivXt4b1xbgmCnB
         q8/g==
X-Gm-Message-State: AOAM531TK41wq7CY0Z1kwsPOPxSrjzOJEEP35BDiRTg2quce7mNWcTxq
	iGM4+oZNWFKDdb4hIS0RzQE76qkJohJOjcGmkwplU6q/HUM=
X-Google-Smtp-Source: ABdhPJxskxZ+Bw9MtknlGi+OiDcOOg5SyeRXAVDtm25UcHzoDtcpZNiLJNngCBzPmL7pWZrsF0N5kTlHiZn+iY8uq7U=
X-Received: by 2002:a17:906:4a47:: with SMTP id a7mr7504117ejv.345.1610266225280;
 Sun, 10 Jan 2021 00:10:25 -0800 (PST)
MIME-Version: 1.0
Date: Sun, 10 Jan 2021 09:10:14 +0100
Message-ID: <CACMzB5dBytBHEnQM_wZ07Re-zA-6QrC0LtDyy0mwF6jWA_Gg7g@mail.gmail.com>
To: Internals <internals@lists.php.net>
Content-Type: multipart/alternative; boundary="0000000000005a078f05b88752cc"
Subject: silly question : what is more secure at the moment, php7, php8, or
 plain .sh shell scripts?
From: rene.veerman.netherlands@gmail.com (Rene Veerman)

--0000000000005a078f05b88752cc
Content-Type: text/plain; charset="UTF-8"

hi.

i run a website which i want to harden against hacking by 3rd parties.

i wrote this website back in 2002-2010, and then built apps on top of the
base code.

now i want to upgrade the entire thing to the latest css3 standards and
also include anti-hacking measures, because at one point i got kicked off
the internet by my ISP because they detected the thing had indeed been
hacked, and someone installed phishing software on my site.

i want to employ cron jobs that run regularly, to do checksum testing of
vital parts of my operating system.

ideally, i could have a script run indefinitely or every 2 seconds, as
root, from cron, to test for changes to my filesystem (well, the part that
is governed by Directory section in
/etc/apache2/sites-enabled/001-localhost.conf) and vital OS config files.
but i do wonder if this is going to wear out the SSD where the OS and
webserver files are stored on.
and i wonder if i should be writing this script as some sort of shell
script (bash? /bin/sh? i dunno (i run ubuntu 20.04)), or if i could be
using the convenient php for it.

and i would like to know if as far as exploits go, it's better to stay
(currently) on php7.4, or move my entire setup to php8.

thanks for your attention and any help you might provide me. :)

--0000000000005a078f05b88752cc--