11

I am upgrading an Ubuntu 18.04 LTS server to PHP 7.4 because PHP 7.2 is no longer supported.

Other public questions have directed me to add sudo add-apt-repository ppa:ondrej/php, such as How to update/upgrade PHP 7.2 to latest version safely?

When I run add-apt-repository ppa:ondrej/php, the following information is displayed to me (quoting the relevant part for purposes of this question):

CAVEATS:

  1. If you are using php-gearman, you need to add ppa:ondrej/pkg-gearman
  2. If you are using apache2, you are advised to add ppa:ondrej/apache2
  3. If you are using nginx, you are advised to add ppa:ondrej/nginx-mainline    or ppa:ondrej/nginx

Should I add-apt-repository ppa:ondrej/apache2 as well, if I am running apache2 on this server?

Dave Aiello
  • 211
  • 1
    Hello. That is what the update told you to do. – David Mar 20 '22 at 11:47
  • I'm asking because How to update/upgrade PHP 7.2 to latest version safely? says nothing about add-apt-repository ppa:ondrej/apache2 or add-apt-repository ppa:ondrej/nginx-mainline or add-apt-repository ppa:ondrej/nginx. – Dave Aiello Mar 20 '22 at 11:55
  • Are you running nginx? – David Mar 20 '22 at 12:05
  • No, I'm running apache2. I am just referring to the CAVEATS that were displayed when I initially executed add-apt-repository ppa:ondrej/php, and I wanted to make reference to each of the web server-related caveats. – Dave Aiello Mar 20 '22 at 12:07
  • FYI, I don't know anything about gearman, and I don't believe it's part of any of my server installations. – Dave Aiello Mar 20 '22 at 12:09
  • Well if not running nginx why would you add the ppa for them? – David Mar 20 '22 at 12:09
  • I don't want to debate my question, and I'm sorry if it seems like that's what I'm doing.

    If add-apt-repository ppa:ondrej/apache2 is necessary because otherwise the PHP 7.4 software won't be accessible from the running Apache 2 instance, that's what I was hoping would be discussed in an answer to my question.

    As written, the CAVEAT doesn't explain why I am advised to add the apache 2 ppa.

     – Dave Aiello Mar 20 '22 at 12:19
  • 2
    Just being clear I would do the 2 ppa as it suggests you should. – David Mar 20 '22 at 12:47
  • 1
    I used to use the ondrej ppa for apache for years and had no problems. I never used php though. – Organic Marble Mar 20 '22 at 18:59

1 Answers1

6

My interpretation of your question is that you would like to know why you're being advised to install ppa:ondrej/apache2 over the default Ubuntu Apache2 package. The most authoritative answer I could find to this question is from the PPA author:

Q

In the main PHP PPA it is recommended that:

If you are using apache2, you are advised to add ppa:ondrej/apache2

However, there are no arguments as to why this is recommended, what benefits this apache build will have and what risks systems might be exposed to by doing so...

A

apache2 has all the fancy stuff like modern crypto, HTTP/2.0 and TLS/3.

For the rest, you need to do your own research (I provide couple of updated modules that has been requested) and maybe submit a patch for the description if you want to see it improved.

In another GitHub issue, the author gives a similar answer:

Q

On a related topic: I see that you recommend using the ondrej/apache2 source for Apache as well ("If you are using apache2, you are advised to add ppa:ondrej/apache2"). Can you give me an idea of the risks of not using ondrej/apache2 if I'm using ondrej/php?

A

The apache2 from PPA is up-to-date, has better HTTP/2 support, has TLS1.3 support. There are no risk per se.

The reasons given should not apply to Apache2 from the Ubuntu 18.04 repos; the latest release, 2.4.29, supports TLS 1.3, and HTTP/2 should just work.

It would be helpful if the PPA maintainer updated the FAQ page to this effect, and perhaps elaborated a bit on when this advisory is actually applicable.

Jimadine
  • 161