PHP 7.4 End of Life is fast approaching as this PHP version will stop receiving any security updates from November 28, 2022. This means WordPress Site owners need to upgrade to PHP 8
What is PHP?
PHP (recursive acronym for
PHP: Hypertext Preprocessor) is a widely-used open source general-purpose scripting language that is especially suited for web development and can be embedded into HTML.
Erm what? and why do I care? I use WordPress for my website, not PHP?
The bulk of the core WordPress software is written in PHP, which makes PHP a very important language for the WordPress community – it is the engine that runs your website.
Each PHP version has a support lifecycle of three years, which includes two years of active support and one year of critical security patching. Three years after the initial release date, a version reaches its end of life.
PHP 7.4 was released on November 28th, 2019. For the first 2 years, all identified bugs and security vulnerabilities are addressed in regular point releases. After two years of active support, the PHP community will provide fixes for critical security issues on an as-needed basis. The active support ended in November 2021, and all support will end in 22 days. Staying on PHP 7.4 past EOL (End of Life) introduces major security risks and can increase the risk of your website being hacked.
Unfortunately, W3Techs reports that, as of November 6th, 2022, “PHP is used by 77.4% of all the websites whose server-side programming language we know.” and PHP version 7 is the most used version accounting for 71.0% of all PHP usage, but as mentioned above, support for 7.4 stops in 3 weeks. PHP 8 only accounts for 5.9%, which is a concern
What are the main problems of using PHP 7.4 after EOL?
- Increased Exposure to Security Risk
This risk will accumulate over time as outdated and non-supported PHP will be exploited for malicious intent. WordPress is the most common content management system (43.1% of all websites are WordPress and has a market share of 64.2% of all content management systems) and, as such, is targeted by hackers with malicious intent.
- Reduced Website Stability
The latest Core WordPress version (6.1) has undergone various changes to offer full compatibility with PHP 8. Upgrading to this version while still using PHP 7.4 will lead to ever-reducing application stability as the core and the PHP being used become less compatible
- Slower Performance
This gets quite technical, but query caching, REST API improvements, and a JIT (Just in Time) Compiler will all help bump up your site speed and performance.
- Clashes with updated Plugins and Themes
PHP 8 has new PHP functions for coders to use – if they are present in that new shiny plugin you have just purchased but you are still using old PHP, you will get a site error
Are there any risks to upgrading to PHP 8?
WordPress 6.1 (the WordPress Core) is fully compatible. However, every WordPress site is unique because there are over 70000 plugins available, combined with thousands of possible themes giving a huge number of possible outcomes if any of those plugins or themes are using
The biggest risk is that deprecated functions being used by older plugins/themes could cause a Fatal error which would bring your site down. If this happens you will need to review the error log to see which plugin/theme has the issue and deactivate it to bring your site back up.
So How do I upgrade to PHP 8?
The first thing to do is talk with your hosting provider. Nustart Solutions customers are all getting this upgrade “done for them” as part of the managed WordPress hosting / WordPress Care packages we offer. Other hosts might expect you to do this yourself
Make sure you take a backup first
We strongly recommend testing on a staging site first (WPEngine has a very neat PHP version tester which is extremely useful and easy to use).
If you are not sure how to proceed, talk to your Web Developer, or use our PHP 8 Upgrade Service
WordPress website owners staying on PHP 7.4 past its End of Life will experience degraded performance and increased exposure to security risks, reduced website stability, slower performance, and potential clashes with updated plugins and themes.
I strongly (strongly!) encourage you to update to PHP 8 and WordPress 6.1 to take advantage of the new features and keep your website secure. Remember, you only have a couple of weeks left before you are exposed to these problems.