Web Hosting Forum - Explore the Latest in Web Hosting Discussions

We are a community of individuals and businesses passionate about web hosting. Let's build, learn, and grow together.

PHP 5.6 and PHP 7.0 are left without security support

Due to the constant appearance of vulnerabilities, the need to introduce new functionalities, and the importance of improving the performance of applications and servers, the versions of programming languages, frameworks, or any other services are constantly updated. But, although services are improving and fixing vulnerabilities, users do not usually update so quickly, which is a significant risk because the versions are abandoned. This is the case with the end of security support for PHP 5.6 and 7.0.

End of PHP 5.6 and 7.0

PHP is the programming language that makes web pages more interactive. Without PHP, most websites would be limited to text, links, and images. Currently, 78% of web pages use some version of PHP so that they can offer more and better features to the user. The problem comes when most of these use obsolete versions of the programming language.

Since its publication in 2014, PHP 5.6 has become the most widely used PHP version worldwide. So much so that it is currently used in 61% of web pages, this would not be bad news if it were not for the following reasons: in a few days, the end of PHP 5.6 will come. A version that has extended its support periods, especially security, given the impossibility of the user to update to the latest versions. PHP 5.6 has not had active support since 2017, and in just a few days, it will finally stay without security support.

With the end of PHP 5.6, PHP 7.0 will also arrive. So, from January 2019, the oldest active version of PHP will become PHP 7.1. The end of PHP 5.6 and 7.0 will make the use of any version before PHP 7.1 is not recommended. Not because it can not be used but because doing so exposes websites to security problems. That is to say, 60% of Internet websites that are not updated will be vulnerable as of January 1.

CMS and obsolete versions

Content managers such as WordPress, Drupal, or Joomla have contributed to the use of outdated versions of PHP. Although they recommend using the latest versions and warn that obsolete versions make the website vulnerable, platforms continue to support them. If they stopped supporting versions like PHP 5.6 and 7.0, users would be forced to update the version of their websites.

Although no critical security problem has occurred, due to its significant adoption, many vulnerabilities could appear in PHP 5.6 and 7.0, especially in PHP 5.6.

If you are one of those who still resort to obsolete versions, you are losing your website's performance improvements and endangering its safety. A service with active support will improve performance from time to time. If you have security support, you will also be safe from any vulnerability. However, the application will be in danger if the version has reached the end of its life.

Upgrade to PHP 7.2

As usual, every new version of PHP incorporates improvements in terms of functionality and performance. In this sense, the change from PHP 5.x to PHP 7.x improved the speed, included support for 64-bit, and solved critical errors of the 5. x. Thus, since the release of PHP 7.0 at the end of 2015, the speed of the versions of branch 7 has doubled.

Since the end will not only come for PHP 5.6 but will also be the end of PHP 7.0, we recommend updating your code to the latest stable version: PHP 7.2. Updating the PHP version implies checking the compatibility between the two versions to avoid problems. That is, it is not as simple as simply modifying the version. Hence, once you make the change, we recommend opting for PHP 7.2, a version with security support until November 2020.

Before updating your version of PHP, you can use tools that allow you to check the compatibility between versions like php7mar, phan, or phpstan. If you do not know which version of PHP you are currently using, you can check it in different ways, such as through the control panel or from the CMS you use. You can also use the phpinfo.php function to get more information about the PHP configuration, such as the version your website uses.

Update your PHP version before PHP 5.6 and 7.0 security support ends. This will ensure that your website, online store, or server is not vulnerable.
 
Thanks this information is helpful! Currently, I am using PHP 5.5 is it safe? Does my website security on PHP 5.5 is compromised? Looking for some information.
Thanks,
Lewis
 
  • Advertisement
  • Advertisement

    Back
    Top