Apache 1.3.36 Security Update
A new version of Apache (1.3.36) was just released for Cpanel servers. We don’t recommend upgrading rightaway, because you quite often wind up with more problems than the upgrade is supposed to fix. It is a ‘fact’ that almost every new version of any software (mysql, php, etc….) that has been released by Cpanel has been unstable in the beginning first few weeks of the release. This isn’t their fault, it is just the nature of the beast. The latest version of any software that is just released quite often has bugs or some sort of problems.
This Apache update for Cpanel was just released yesterday, so we recommend to wait at least a week or two at the very least before upgrading to make sure it is stable.
As for the warning message you see when logging into WHM, naturally since the version currently installed is not the latest, the message will say your version is insecure, regardless of any actual real security threat or not.
It’s a balance between stability and security, and only you can decide what you want to side with. This decision is always controversial, because neither having an insecure nor unstable server is any good. In our opinion, we recommend to wait at least a week or two, based on past experiences and what we are already hearing from customers that already attempted this upgrade. People have already upgraded Apache without asking us and have run into problems, problems ranging from Apache not starting to Apache modules not loading to Apache crashing constantly and more. You can also read about problems others are having at the cpanel forums, there’s many complaints there already.
What makes this even worse is that there is no option to even downgrade, so it has to be manually reinstalled or recompiled which results in HTTP downtime during this process.
1 comment May 25th, 2006
