What’s on your to-do list for today? Buying milk? Finishing a presentation? Picking the kids up from school?
How about updating your website’s PHP version?
If you answered yes to the last question, you’ll be in the minority.
You shouldn’t be though. Keeping PHP up to date is an essential task for website owners around the world.
In this article, we look at why it’s so important and what could happen if you leave it too late to update.
What is PHP?
Used as an acronym for ‘Hypertext Preprocessor’, PHP is one of the most popular scripting languages used on the web today and it’s used to create dynamic interactive websites and apps.
Statistics suggest that as many as 77.4% of the world’s websites use PHP, including Facebook, Wikipedia, Zoom and Instagram.
PHP is also essential to the functioning of all WordPress websites around the world.
You’ll often hear PHP described as a server-side language, as it runs on your web hosting server.
WordPress Beginner explains nicely: ‘Whenever someone visits your website, their browser contacts your server to request the page. The PHP code runs on the server, and generates an HTML page to send to the visitor. The visitor then sees the HTML page in their browser. They can’t see the PHP script because it’s only on the hosting server’.
What is a PHP version?
Since creator Rasmus Lerdorf began developing PHP back in 1994, the programming language has continued to evolve and grow.
Since the early days, more than 20 major versions have been created, with each new version being more secure and feature-filled than the last.
FUN FACT: PHP 6 was never released so versions skip straight from 5.6 to 7.
Today, each new PHP version is fully supported for two years. In this two-year period, both bugs and security issues are regularly fixed and patched.
You can keep up to date on all the latest releases (both the major ones and the minor ones that are released to target specific bugs and glitches) on the php.net website.
In year three, only critical security issues are fixed for PHP versions. In year four, the PHP version reaches its ‘end of life’ and security vulnerabilities are no longer fixed.
How many people are using out of date PHP?
At the time of publishing, 8.1 is the latest version of PHP and versions 7.3 and below have reached their end of life.
Yet statistics from WordPress show that 41.1% of users were still using PHP versions 7.3 or lower.
Shockingly, these same statistics show that 15.2% of people are still using a PHP version below 5.6, which reached its end of life in 2018.
3 reasons you should update your PHP
As mentioned above, each version of PHP is supported for two years and during this time all bugs and security issues are addressed and fixed.
In year three, only critical security issues are fixed. In year four, the PHP version reaches its ‘end of life’ and security vulnerabilities are no longer addressed.
So, after the first two years PHP versions become increasingly more vulnerable to cyber attackers.
Cyber attackers know this all too well and in 2019, one report suggested that PHP was the target of 81% of the world’s malicious traffic.
Every new PHP release comes with a host of improvements that usually have a positive impact on performance.
For example, back in 2019, a study showed that when PHP 7 ran on WordPress 4.1.1, it could execute twice as many requests per second as the same platform running PHP 5.6.
New PHP releases often come with new or improved functionality and features.
For example, between the releases of PHP 5.2 and 7.4 more than 20 major improvements were made.
How to update your PHP
At Heart Internet we are currently advising all our Managed WordPress customers, who are currently running a PHP version of 7.3 or below, to update their PHP to the highest possible version their site can support.
You can find out all about how to do this on our FAQ pages.