Recently Apache made an announcement that they'd patched a serious denial-of-service hole in their web server. Yesterday they announced they'd patched it again. Some discussion about the "quick fix" versus the "complete fix" went on, but either way I hadn't upgraded my server for some time. I upgraded it today.

I also upgraded the PHP module that went with it. Building the httpd server and PHP module went much smoother than I thought. After restarting, though, I noted that Apache was still using the old PHP. New Apache, though. A quick peek and I noticed that the httpd.conf didn't use the symlink to the Apache directory, but the actual directory name. When I corrected that, I was then reminded I'd forgotten a couple modules.

I quickly re-compiled those, without seeking updates (I'll have to remember do do that, too). With all of the modules in place and the configuration file working, I again tried starting Apache and was successful!

New Apache. New PHP. Same other modules. In theory, DOS protection on!