Upgrade your PHP

What version am I running?

Please wait...


Outdated & Current:

PHP 5.6 will NOT receive security updates after 31 Dec 2018 ( days ago).

PHP 7.0 will NOT receive security updates after 3 Dec 2018 ( days ago).

PHP 7.1 will receive security updates until 1 Dec 2019.

PHP 7.2 will receive security updates until 30 Nov 2020.

PHP 7.3 will receive security updates until 6 Dec 2021.

Your web server or host may disable the version header. There are other ways you can find out:

  • Check the admin panel on your hosting provider. Some hosts use software like cPanel to allow you to configure the version.
  • Create a PHP file containing phpinfo(), which returns information about your live version.
  • If you have SSH access to your server, run a command such as php -v. Note: this uses the default version of PHP, which may be different to the one your site uses.
State of affairs

According to w3techs, 78.9% of websites use PHP. The version distribution is as follows:

  • WordPress, the software that powers 31% of the websites, recommends using PHP 7.2 but 64.5% still use 5.x and 19.8% use 7.0.
  • Laravel 5.7 requires ≥7.1.3.
  • Magento 2.3 and Magento 1.9.4 support PHP 7.2.
  • Symfony 4.0 requires ≥7.1.3.
How do I upgrade?

If your software supports 7.x, it can be as simple as upgrading the package on your server. Check out a guide for your specific operating system on how to do this. For example, here is how to do it for Ubuntu.

If your software contains 5.x-only features, you will need to update your software. Hiring a developer (or me) will allow you to get the benefits from the latest PHP version. The official website contains a guide on some of the things to look out for when migrating. Virtually all frameworks support PHP 7.x so upgrading is a matter of updating the glue code.

The issues...
  • Unsupported plugins/frameworks - Some software or plugins that you may use might not support 7.x.
  • Backwards incompatibility - A number of PHP extensions were removed in 7.x. The official PHP migration page lists all the things to look at.
  • Technical debt - Upgrading from 5.x to 7.x to receive performance benefits doesn't fix the long-term technical debt.
  • Unable to upgrade - Some hosting providers don't offer the ability to switch to 7.x.
  • "It works fine" - That may be true, but it doesn't stop the security vulnerabilities.

Why upgrade?

Performance

PHP 7.x ships using the PHPNG engine, giving drastic improvements in speed and CPU usage. This makes the whole site more responsive and search engines, like Google, use page speed in their ranking algorithm.

I can speed up your website! Contact me at @DanielLockyer or [email protected]

This benchmark from Kinsta.com shows the improvements to requests/second for WordPress:

Phoronix ran PHPBench on different versions and found this:

I upgraded the PHP version for my clients and saw this kind of CPU usage drop:

This has the potential to reduce server requirements, and therefore costs.

Security fixes

PHP doesn't have the best track record when it comes to security vulnerabilities. When a version reaches end of life status, it stops getting future security updates. This can present a risk to both yourself, and your users. All it takes is someone holding on to a 0-day exploit for everyone to have a very bad time.

New language features

Each minor version bump in PHP comes with new language features that allow for more terse, expressive code.

I can upgrade your PHP! Contact me at @DanielLockyer or [email protected]

by Daniel Lockyer