Upgrade distro php/openssl/apache for PCI compliance

I am failing PCI certification with trustwave because I have my PBX GUI available on the internet and it is running an old version of openSSL, PHP and Apache.
Can anyone point me to a “how to” on upgrading to supported versions?

You really can’t with the Distro certain things require it to be on PHP 5.6.

1 Like

If you are not using commercial modules then you can rebuild FreePBX with updated underlying software.

The wiki has instructions for Debian 10 and Centos 8.


You can ‘disexpose’ the GUI to the Internet through the Integrated Firewall or you can modify the underlying Apache config to only be accessible from the local network, or better yet, a specific terminal (or two) in your local network.


Thank you all for your help!

Hope support for these things gets added to distro, eventually.

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.