This post is also available in: Deutsch
Deprecated PHP5 as a security risk – Why you should upgrade to PHP7 now
61.8 percent of the websites examined by W3Tech automatically are still be running on the basis of the outdated PHP version 5 in mid-October 2018. Already on January 1st, 2017, the phase of active support for PHP 5 ended. Only critical vulnerabilities in PHP 5.6 should be fixed until the end of 2018, according to the announcement at that time.
From the end of 2018 security vulnerabilities in PHP 5.6 will no longer be fixed
But by the end of 2018 all support for PHP 5 will expire. Even security vulnerabilities will no longer be fixed. What is worrying is that nearly two thirds of all websites worldwide still run on the outdated server-side language a quarter of a year before the end of PHP 5 support. Hackers could take advantage of this.
WordPress officially recommends the use of PHP 7.3
WordPress also officially recommends to run websites based on the popular CMS based on PHP 7.3 and higher. If you are not ready yet and do not use PHP 7.3, then:
“…WordPress will also work with PHP 5.2.4+ and MySQL 5.0+, but these versions are no longer maintained and may pose potential security risks for your website”,
so the recommendation against PHP 5 on the official WordPress website in Germany.
Upgrading to PHP 7 makes WordPress websites faster
If you take the – unavoidable – effort and upgrade to PHP 7.2, you will usually be rewarded with a significant speed advantage.
PHP multithreading allows you to perform multiple tasks simultaneously. Scripts can call data from an SQL database in parallel to another task. Parallel jobs can be executed in a single request, which significantly increases the speed of PHP code execution.
Tony Sol of GBKSOFT sees a performance improvement by a factor of 1.8 in comparison between PHP 5 and PHP 7 (see also bar chart).
Percentage of all Websites Using PHP 5:
- 78.9% 78.9%
Anteil aller Websites, die PHP 5 verwenden:
- 61.8% 61.8%
Websites run faster with the new PHP version. In addition, the last version of PHP 5, version 5.6, will no longer be supported from the end of 2018 onwards. Then security vulnerabilities may occur.
Requests Per Second with PHP 5:
- 35.93% 35.93%
Requests Per Second with PHP 7:
- 86.66% 86.66%
A full backup of the affected website should be created. If your WordPress installation no longer works after upgrading to the new PHP version, it is a good idea to check plugins and themes for incompatibility. Tip: If you can no longer get into the WordPress backend, you can temporarily rename the folder wp-content/plugins or any subfolder to disable all or the respective plugin.
In the past months we have converted a lot of WordPress websites to PHP 7.3 and could not find any problems worth mentioning. Since PHP 5.6 has not been actively supported since the beginning of 2017 (security support will expire at the end of 2018), plugins and themes that are not yet compatible with PHP 7 should in our opinion be put to the test. It makes sense to switch to PHP 7 for performance reasons and to make your website more secure.
We are happy to support you with upgrading to PHP 7.3, which we offer as standard as part of our WordPress hosting.