Suggestions on path for upgrading old Lucee version to current release?

Hello,

We currently are operating a Lucee environment that last saw major development in 2017.
We have been tasked with upgrading the Lucee / Java / Tomcat to the latest stable versions of these releases for security and performance.

Do you all have any documentation, or patch to patch path that would work for getting from our version to latest version?

I understand it could be a process of trial and error, but if anyone has any experience performing an upgrade even close to this magnitude, any advice would be appreciated.

Although it would be very time consuming, we can certainly entertain the idea of slowly moving from release to release, however, if anyone has a path is quicker, that would be great.

OS: AWS Linux 2 / Linux (4.14.231-173.360.amzn2.x86_64) 64bit
Java Version: 1.80_152 Oracle Corp 64 Bit
Tomcat Version: Apache Tomcat / 8.5.24
Lucee Version: 5.2.5.20
CF Compatibility: 2016.0.03.300357

I’d say, extract the config using @Brad_Wood’s cfconfig and install a fresh instance

I do Apache web server/Lucee under Ubuntu. Mostly I do a full install again every LTS release. The hardening part is under Apache config. I just check Tomcat Security Reports site for any CVE and make sure I am using the latest version. Do you have access to a PCI compliance scanner?

Force SSL
disable old SSL protocols/ciphers
Hide Lucee Admin
other PCI stuff