Two PHP Versions Are Being Terminated, Putting Millions of Websites at Risk

In December 2018, PHP 7.0 and 5.6 are reaching the end of their lifecycles. Find out what PHP is and why it is so important to upgrade it.

Even though you might not have heard of PHP, you probably have seen it in action. Websites use this coding language to dynamically generate web pages, retrieve the data people enter into web forms, and perform numerous other tasks. Almost 80% of websites use PHP because it is quick, works well on sites of any size, and is open source. However, most of these websites are using versions that will soon become a security liability.

In December 2018, two PHP versions are reaching the end of their lifecycles, which means security updates will no longer be issued for them. Here are the dates to remember:

  • On December 3, PHP 7.0 is being terminated.
  • On December 31, PHP 5.6 is reaching the end of its lifecycle. The security support for this version was extended an extra year due to its popularity. More than 40% of websites use PHP 5.6. There are currently around 200 million active websites, so about 80 million of them are using PHP 5.6.

Note that PHP went directly from version 5.6 to version 7.0. There was never an official release of PHP 6.

Why It Is Important to Upgrade

WordPress, Joomla, Drupal, and other content management systems (CMSs) use PHP, so your business’s website might be using PHP without you realizing it. If your site is using PHP 5.6 or 7.0, you should upgrade it to a more recent version as soon as possible. At the time of this writing, PHP 7.2 is the most current version, with PHP 7.3 scheduled for release sometime in December 2018.

Upgrading is important. If your website is using PHP 5.6 or 7.0, it will be more vulnerable to new attack vectors because security updates will no longer be issued for these PHP versions. To make matters worse, hackers often keep track of when versions of popular technologies like PHP reach the end of their lifecycles. Once that day arrives, they intentionally launch new attacks that target the unsupported technology.

Besides being more secure, your website will also be faster if you upgrade, thanks to performance enhancements in the newer versions. For example, PHP 7.2 runs 20% faster than version 7.0 and 260% faster than PHP 5.6, according to Phoronix.

What to Do

Upgrading to a newer version of PHP is not always an easy task, which could explain why so many websites are using older versions. There are several reasons why an upgrade might be complex.

For starters, PHP is a server-side coding language, which means it runs at the server level. So, you need to make sure your hosting provider or your web server is running the PHP version you want to use. If you have a hosting provider and it does not support the desired PHP version, you will need to ask them to do so. If they refuse, you might consider switching to a provider that does offer it. If you have a web server and it is not running the desired PHP version, the PHP software will need to be updated.

You also need to make sure that your website’s software is compatible with the desired PHP version. This includes not only the CMS software but also other programs, such as plugins, themes, extensions, and templates. Any noncompatible software will need to be upgraded. If the software developer does not support the PHP version you want to use, you will need to ask them to update the software or switch to a program that does support it.

Finally, while configuring a website to use the desired PHP version is just a matter of selecting it in the appropriate spot in the site’s settings, the site needs to thoroughly tested afterward to make sure it runs smoothly. It is essential to have a backup of the site before the upgrade in the event there are significant problems encountered during or after the update.

Don’t Let Your Business’s Website Become an Easy Target for Hackers

Upgrading to a newer PHP version can be a lot of work, but we can handle the hassle for you. That way, it won’t become an easy target for hackers.