If your software or website is dependent upon PHP 5, life as your application knows it is about to change forever. Soon, and we’re talking about January 1, 2019, any application that is running PHP 5.6 or lower will no longer be supported by the PHP developer community.
What does this mean for your application? You better upgrade it now or face the consequences. When support runs out, PHP 5 will be vulnerable to outside attacks, even with well-written code in place.
- Users on Slashdot worry that small organizations will overlook the need for PHP updates due to monetary concerns, thereby making them more susceptible to attacks.
- Martin Wheatley on LinkedIn warns of secret hacks in outdated PHP code where you risk losing data and never knowing about it.
- RIPS Technology says that even the best-written applications that use old versions of PHP “may be still vulnerable to attacks.”
This is scary stuff and shouldn’t be taken lightly. On the positive side, applications that are upgraded and now run PHP 7+ run exponentially faster and have increased security to go along with an active developer community.
- WP Engine demonstrates that newer versions of PHP can handle increased traffic much more efficiently, providing a better overall user experience for site visitors.
- Torque expounds that not only does WordPress use up-to-date versions of PHP, it offers an expanded feature set that is great for both new and experienced developers.
- Joomla notes that PHP 7.2 is much more secure than its predecessors, along with providing improved overall performance.
Here’s what Metisentry’s team is saying about the upcoming end of life for PHP 5.
- Our hosting manager Gary Hodder notes that “if the application has been hacked, we have to remove the application from our servers until it’s fixed.”
- Our developer Chris Bischoff paints a more positive tone about PHP 7, noting that the major reasons to have it active are “stability, PHP support, security and speed (PHP 7 offers a massive upgrade in performance). Security is the big one because there is active PHP vulnerability support and version 5 is no longer supported.”
We suggest a proactive approach when you have an application that’s running PHP 5 or lower. An upgrade to PHP 7 can be a small task that can be done inside a day, often less than a couple hours. If you are not sure if your website is at risk, or if you are at risk and would like us to upgrade your website, please get in touch before time runs out.