Website hosted on CentOS6 server, but behind Cloudflare

General support questions
Post Reply
6lover
Posts: 3
Joined: 2021/02/19 19:31:17

Website hosted on CentOS6 server, but behind Cloudflare

Post by 6lover » 2021/02/19 19:35:43

Hello there, I'm running a website using nginx, MySQL and PHP. The server is running CentOS 6 and the CMS have been tweaked to not expose server IP. Also using an external email server which removes IP information from the main server. So CentOS6 server IP is unknown for our visitors.

What would be the risk of running CentOS 6? I know here are people who scan all IPs on the internet and try to hack, but... how could the server be hacked if it simply running a website and it is behind Cloudflare.

I would like to know if I'm safe.

User avatar
jlehtone
Posts: 4523
Joined: 2007/12/11 08:17:33
Location: Finland

Re: Website hosted on CentOS6 server, but behind Cloudflare

Post by jlehtone » 2021/02/19 19:53:46

6lover wrote:
2021/02/19 19:35:43
simply running a website
What if your web pages / nginx / PHP have exploitable feature? If I can a page from you then does it matter that I don't know the real IP address of your server?

Obviously transferring such page to more recent platform will not help, if the issue is in content rather than in software.

6lover
Posts: 3
Joined: 2021/02/19 19:31:17

Re: Website hosted on CentOS6 server, but behind Cloudflare

Post by 6lover » 2021/02/19 20:05:49

So lets say that it is Wordpress vanilla (latest) running on PHP, nginx and MySQL.

If these four are kept updated (WP, PHP, nginx and MySQL), then it doesn't matter if the server is running the old CentOS 6? I'm asking from a security standpoint.

User avatar
TrevorH
Site Admin
Posts: 33191
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: Website hosted on CentOS6 server, but behind Cloudflare

Post by TrevorH » 2021/02/20 04:41:21

If all it is running are that lot then using a newer supported operating system shouldn't be that much of a problem.

No-one's going to tell you that it's OK to run an out of date, EOL o/s. It isn't. The further out of date it gets, the more dangerous it gets to run it. The only safe place to run it is in a locked room with no network connection.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke

MartinR
Posts: 714
Joined: 2015/05/11 07:53:27
Location: UK

Re: Website hosted on CentOS6 server, but behind Cloudflare

Post by MartinR » 2021/02/20 10:22:29

The only safe place to run it is in a locked room with no network connection.
I've done that in the past and got told off by ... Trevor! ;) ;) (Sorry, impossible to resist)

6lover
Posts: 3
Joined: 2021/02/19 19:31:17

Re: Website hosted on CentOS6 server, but behind Cloudflare

Post by 6lover » 2021/02/20 18:19:48

TrevorH wrote:
2021/02/20 04:41:21
If all it is running are that lot then using a newer supported operating system shouldn't be that much of a problem.
Excuse me but I'm confused. Please tell me which applies:

1. You are being sarcastic because there are a lot of other processes running on CentOS 6 and, thus, believe that it is a problem to keep running CentOS 6.
2. You are saying that, if I keep WP, nginx, PHP and MySQL updated, it shouldn't that problematic to keep running CentOS 6.

This is a sincere question because I'm confused. Thanks.

User avatar
jlehtone
Posts: 4523
Joined: 2007/12/11 08:17:33
Location: Finland

Re: Website hosted on CentOS6 server, but behind Cloudflare

Post by jlehtone » 2021/02/20 19:50:52

No. He wrote:
3. It should be quite easy to install a supported OS and migrate the WP+nginx+PHP+MySQL to it.

Whoever
Posts: 1357
Joined: 2013/09/06 03:12:10

Re: Website hosted on CentOS6 server, but behind Cloudflare

Post by Whoever » 2021/02/26 02:30:45

6lover wrote:
2021/02/19 20:05:49
So lets say that it is Wordpress vanilla (latest) running on PHP, nginx and MySQL.

If these four are kept updated (WP, PHP, nginx and MySQL), then it doesn't matter if the server is running the old CentOS 6? I'm asking from a security standpoint.
How are you going to keep these updated? Build them yourself? That's probably a bigger effort than migrating to a supported Linux distro.

What if Wordpress stops supporting the ancient version of PHP that is on CentOS 6? The install requirements for Wordpress state PHP 7.4 or greater, so are you sure you have the latest Wordpress?

User avatar
TrevorH
Site Admin
Posts: 33191
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: Website hosted on CentOS6 server, but behind Cloudflare

Post by TrevorH » 2021/02/26 10:33:48

1. You are being sarcastic because there are a lot of other processes running on CentOS 6 and, thus, believe that it is a problem to keep running CentOS 6.
2. You are saying that, if I keep WP, nginx, PHP and MySQL updated, it shouldn't that problematic to keep running CentOS 6.
Neither.

I'm saying that if all you have running on this CentOS 6 host are those things then they all quite happily run on newer versions of CentOS so there is no reason to keep running CentOS 6 and you should migrate ASAP. Which you should.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke

Post Reply