Web server admins. Content Management System users. Anyone who runs a WordPress, Joomla and Drupal website. Laravel users. All take note; it’s time to upgrade your version of PHP.
At the very core of most of the usable web, is PHP. An underlying scripting language that powers 79% – 80% of the web.
Because of its popularity and the sheer amount of websites running PHP, it has a common underlying issue; while new versions of PHP are released regularly, it’s not updated on web servers around the globe nearly as often as it should be.
This poses a serious security problem for both the website and users visiting the website.
You can blame lazy web server (or network) admins, or slacking service providers or even website owners who run older websites not ensuring that their old website ‘plays’ nicely with newer versions of PHP.
If you’re not too tech-savvy, you may be asking “So what? Why should I even care if my WordPress website is running an older version of PHP?” The short answer is two-fold; 1) Security (the most important no-brainer answer) and 2) “Progress”.
“Security, got ya, but why should I care about progress?” you ask. There is a myriad of fundamental reasons why both your website and your PHP version should be kept up to date.
Firstly, the web and more importantly web technologies move at an astounding pace. As the months go by, incremental improvements are made to the scripting language, massive security improvements are made and more tools, features and optimizations become available to developers.
Web developers heavily rely on a scripting language such as PHP to deliver the end product to a user be it a web application or website.
Secondly, because of this tectonic shift between the web server, PHP versions and the code running on your website (ie. a WordPress CMS) it’s common for a CMS to get updated while the PHP version is left behind; usually decaying to a point where it becomes almost critical to update.
This is usually where the problems begin to occur as certain components / plugins / features cease to stop working on newer versions of PHP. This can become a very expensive and time-consuming exercise to try to align older code with modern versions of PHP. It’s something that could have been totally avoided if PHP was just incrementally kept up to date on your web server.
As of 2019, a shocking amount of websites still run older versions of PHP, specifically PHP 5 which is now discontinued. As is PHP 7.0.
In fact, PHP 7.1 is on it’s way out too with PHP 7.2 reaching the end of it’s life span next year, around this time (no more security updates). Here is a handy chart to make sense of it all:
Going into 2020, one should be aiming for a minimum of PHP 7.3 (7.4 if possible) to avoid both headaches and heartbreak. If there is one thing I can ask you to take away from this; it’s the knowledge that not maintaining your PHP version can become a very costly lesson.