1. Kayako Download customers: we will continue to develop and support Kayako Download beyond July 2017, alongside the new Kayako for existing customers.

    Find out more.

  2. The forum you are viewing relates to Kayako Classic. If you signed up or upgraded to the new Kayako (after the 4th July 2016), the information in this thread may not apply to you. You can visit the forums for the new Kayako here.

How many of you are stuck on an older version because of MySQL Requirements?

Discussion in 'Installation and setup (Kayako Classic Download)' started by Viscott, Jul 6, 2016.

  1. Viscott

    Viscott Established Member

    I am currently on 4.69.0 and cannot upgrade due to the latest MySQL requirements.

    Running: PHP Version 5.6.23 and 5.0.11.

    I am on a leased server where I have a lot of leeway on what can be done with PHP and MySQL.

    My hosting company which manages the server and also hosts their shopping cart application tell me the following:


    The latest Kayako requires an indexing feature that is only present in MySQL 5.7 or MariaDB 10.1. The very latest version of RedHat Enterprise Linux still uses the 5.5 version, so not even migrating to a newer server would resolve the issue. The only options available are:

    1) Replace the running copy of MySQL on his server with a downloaded version of MariaDB 10.1 / MySQL 5.7 (doesn’t matter which). The problem here is that many other software dependencies on the server may break by doing this, so we’d have no way to know what would stop functioning correctly, either immediately or in the future. MariaDB does have a repository for doing this (https://mariadb.com/kb/en/mariadb/yum/), which should be supported for a while, so it is an option. The catch; if we do this, and it breaks the server, we’re going to charge for support time to fix it, now and in the future, and there are no guarantees it won’t seriously break something at some point, unexpectedly.

    2) Create a (standalone) database server and do the same as the above. That eliminates the risk to other apps, Plesk, the OS, etc. as it’s only duties would be database. We can connect plesk to it so he can still manage databases on it, etc. You could also put other things on it like Miva Merchant stores, which would increase the performance by having the database duties moved to a second server. Having a dedicated database server would be $200/mo.​
     
  2. We had similar problems running on CentOS 6 and CentOS 7 where the default CentOS repository only supports 5.5. It was fairly easy for us to uninstall the existing MySQL and then install a version via the MySQL repo - i.e.
    Code:
    rpm -Uvh http://dev.mysql.com/get/mysql57-community-release-el7-8.noarch.rpm
     
    yum install mysql-community-server
    We did notice that when uninstalling the existing MySQL it also removed some dependencies which we need to reinstall, but there was no issue with it. Don't go with MariaDB - we tried this and it horribly failed and Kayako was not able to assist. Rather stick with MySQL.

    The issues we faced (when upgrading from 4.70 to 4.74.2 - we also upgraded to MySQL 5.7.13, PHP 5.6.22 and NGINX 1.6.3) - our current configs are on Git - https://github.com/magicdude4eva/kayako-nginx-seo
    - We had to completely rework our MySQL my.cnf
    - The Kayako upgrade breaks because of the text-search feature and issues in MySQL which results in MySQL crashing and corrupting your DB (here is a workaround for 4.74.x - https://gist.github.com/magicdude4eva/34a11d67e816d45a0c37005a5adcd01c)
    - The upgrade via the web breaks, we had to use the command line upgrade (cd into the setup-folder and then run: php console.upgrade.php)
    - With a later version of PHP, Kayako throws errors about $HTTP_RAW_POST_DATA. To fix this issue, explicitly set the value of "always_populate_raw_post_data" to -1 in your php.ini
    - We also had a compatibility issue where php56w-mysql was installed rather than php56w-mysqlnd - this caused frequent disconnects and DB errors.

    I also suggest to enable clamav and maldet to monitor __swift/files where your attachment resides as there are still unpatched vulnerabilities which allows the upload and execution of backdoors as attachments or user profile images.
     
  3. bear

    bear Kayako Guru

    We've not been made aware of any such vulnerabilities by Kayako, though that means little. Can you PM me a link, if one exists?
     
  4. Guys from openbugbounty.org contacted you via email with details. It is my understanding that the vulnerability can be exploited via user avatars as well as sending attachments in a specific format. On our end the vulnerability did not trigger as we are running clamav and maldet in realtime and those uploads had been immediately removed.

    It is my understanding that the attachment can be executed on any user / agent viewing the attachment or a user with the avatar containing the malicious content.

    I unfortunately have no other information than that.
     
  5. bear

    bear Kayako Guru

    They would have no reason to contact me, I'm just a Kayako user (for now). ;)
     
  6. Sorry - I misread your title "Kayako Guru" as being a Kayako employee. There have been a number of XSS vulnerabilities reported to Kayako in the past. The last big one was last year in June and then another one in September - the security researcher informed us about it and we plugged the whole by hardening our Kayako installation as well as running WAF and malware detection.
     
  7. Jamie Edwards

    Jamie Edwards Staff Member

    I don't believe we've heard from openbugbounty about this - would you be able to email me more details?
     
  8. bear

    bear Kayako Guru

    Simple mistake. That title is something the board does and I don't have access to change it. It does kind of imply that, and shouldn't.
     
  9. mikeonline

    mikeonline Member

    Thanks for publishing your settings. I checked out your my.cnf file. It has a number of interesting recommendations, apparently from Kayako Support. I'll do more research on these settings.

    - Michael
     
  10. Pleasure. We are currently running Kayako and MySQL on a single server with 18GB RAM and 4 cores. Our environment supports 60 agents and serves KB and ticketing on our marketplace (1,3m monthly users). The configuration functions well (especially NGINX). We will probably up memory to 24GB RAM as we have noticed a bit of swapping during high-load scenarios.

    This was always something which frustrated me with Kayako - it should really be in their own interest to assist customers with some best-practise setup and if you think about it, there are really just a handful of setup-scenarios. Yet, they have never been able to publish basic defaults for MySQL or NGINX.
     
  11. CyberCr33p

    CyberCr33p Established Member

    It works with MySQL 5.6.31 or newer.
     

Share This Page