Something that all WordPress users need to acknowledge about PHP is the massive effect it has on their websites’ security and performance. This scripting language, similar to WordPress, has progressively improved over time and keeps going in the right direction with each consecutive update. A fresh PHP version gets out on the market almost once a year. For every branch release of the language, there is consistent support of two whole years. The third year would only get the absolutely critical updates in regards to security, thus your PHP version is not part of the features that you can set once and then forget. An enormous problem the WordPress community is facing is the fact that many sites, businesses, developers, and hosting providers are not supporting of latest versions of the scripting language. It’s especially frustrating when we consider just how quick and easy we can upgrade it.
The lifetime of older PHP versions is running out for your WordPress
As of December 6th, 2018, the latest version of PHP is 7.3. It also is undoubtedly the greatest to date. Versions 5.5, 5.6, even 7.0, have now reached EOL (End of Life) state. It’s a standard part of every release cycle of PHP. Once a certain version reaches its EOL, PHP would cut out the security support provisions for it.
If you’re wondering: “wasn’t PHP 7.0 just released?!” – it was… three whole years ago. And to be accurate, PHP 7.1 started receiving security updates only since the start of December 2018. Active support for PHP 7.1 has been discontinued even before the final date for the security support of ver. 5.6. Additionally, the security support for 7.1 ends at the beginning of December 2019.
According to the official WordPress.org Stats Page, as of posting this article, roughly only 23% of the users have already gone ahead to upgrade to a supported PHP version. A very small amount (11%) are using PHP 7.1, yet another 11% use PHP 7.2, and just 0.4% are actually using the newly released 7.3 version of the scripting language. What we can see is the fact that the majority of users – over 34% – keep running on PHP 5.6. Roughly 20% of them still prefer the 7.0 version. What’s even scarier is that a whopping 77% of the WordPress users are using out-of-date and no longer supported PHP versions.
Why Is WordPress Requiring Newer Versions of PHP?
In December 2018, at WordCamp US, was announced a highly anticipated punch in the minimum requirement for the PHP version on a WordPress site. Matt Mullenweg made a suggestion during his State of the Word 2019 for 5.6 to be the minimum version until the middle of 2019 and for it to be bumped up again to the 7.0 version of PHP in the second half of the year. All of this will be a fact in case nothing goes wrong. This statement was enormously applauded – it got far more praise than the previous news about Gutenberg.
Still, the announcement from last week by the WordPress team came as a great surprise for the whole WordPress community. Of course, continuing on with the newest PHP versions is more than welcome news, although the minimum PHP version that is required to run a WordPress based site has not been touched for years. All these changes have been awaited for a long time. Now, they are finally a fact.
WordPress, as a CMS (Content Managing System), will display warnings in the backend administrator panel. Those warnings will be to note about outdated PHP versions and they are to further increase the awareness about this global issue.
The WordPress Core Team has the responsibility to manage the world’s most used CMS. With that said, they took the pledge to make sure WordPress keeps up with PHP in upcoming years and that it works forward in increasing awareness, along with changing apathy, awareness, or support for the most recent PHP releases.
“The immediate goal is to put in place supporting structure and site owner education/resources etc. so that we can more actively reduce the number of existing active WordPress sites on older PHP EOL versions and thus improve security and performance of the web.”
The current plan is to display a warning in the backend administrator panel for sites that are using PHP versions prior to the 5.6.x branch. The “warning” message would contain a link to one of the WordPress support pages that briefly explains the issue, followed up by diving into how all site owners can be ready for an upgrade of their server’s underlying version of PHP, and then perform it.
Those warnings will begin displaying as notification messages starting from WordPress 5.1, expected to be released around March 2019.
Sites that choose to remain on PHP 5.5 or below will still be able to receive security updates and perhaps some bug fixes, but they won’t have the opportunity to use the most up-to-date and major WordPress version until they go through the upgrade procedure of their PHP.
Prior to the long-anticipated release of WordPress 5.0, it was declared that the CMS aims to fully support version 7.3 of PHP in its release. Currently, the official requirements page suggests that in order to run WordPress, your host needs to support 7.3 or greater. It’s no wonder that the decision to have this warning appear for sites was taken after the release of the 5.0 branch of WordPress.
Still, there is the official note that states:
Even as WordPress Core continues to expand its support for new versions of PHP, there is no intention of abandoning support for older versions until usage numbers show that the impact on users will be minimal.
The Story Behing the “Warning!” Approach
Upgrade stats compiled days after the 5.0 release of WordPress had reported that roughly 85% of the users were already running their websites on PHP 5.6 or above. This goes to show that a small amount of the active community takes note of these warnings in general.
The WordPress Core team had observations about specific notifications with the role of encouraging users globally to upgrade their PHP versions and those notifications showed to be extremely effective. With the release of Yoast SEO 4.5 in early 2017, their team experimented using a similar warning approach. Yoast added a warning that urged site owners with out-of-date PHP versions to update it. The only way to disable this warning was to proceed with the upgrade. Results showed that the upgrades got twice the rate than before that notification was displayed.
We’ve seen that this notice has had a great impact and we now have less than half of the PHP 5.2 users WP core has. As annoying as it is, it’s working. Which is why I wouldn’t bet on the core team doing anything different than what we do.
– Joost de Valk, Founder and CPO at Yoast
This initiative was named the Yoast WHIP project and it proves that “bothering” (as de Valk calls, in the original Trac ticket they wrote about merging the WHIP into WordPress core) users to upgrade could actually lead to a change that makes everything better for everyone.
As a result of the WHIP project, alongside the positive uptick in the PHP upgrade count, the Servehappy project has been launched in the middle of 2017.
Why Can’t You Just Use an Old Version of PHP Forever?
- One of the most important reasonings to upgrade your PHP version is security. Your WordPress will be much more secure if it’s running one of the latest versions of the scripting language. It will guarantee that your business is protected against the most current vulnerabilities on the “market” and will also be patched for security holes on a regular basis.
Be sure to check also:
- PHP 7 has already demonstrated much higher data processing and load-carrying capacity than its predecessors. In addition to the high performance, you are likely to expect huge memory savings. The reason for that is because substantial optimization was carried out in the internal data structures.
- Official PHP benchmarks are showing us that PHP 7 allows the system to execute twice as many requests per second in comparison with PHP 5.6, at almost half of the latency.
- From a business perspective, PHP 7 provides crystal clear advantages over its predecessors, like excellent performance, resilience, and utilization. It’s able to enjoy a modest edge when it comes to WP.
- Businesses, such as some e-commerce giants, with a large online presence would find PHP 7 especially suitable for their website.
- The minimum requirements for WordPress have increased.
- Ultimately, users will struggle with compatibility issues with installed incompatible plugins and scripts with their outdated version.
- Last but not least, probably the best practice is to endorse a stable version. All of the new features promote upgrading.
How to Update PHP in a Safe Way
Hopefully, by now we’ve convinced you that the upgrade of your PHP version is absolutely necessary if you want the best performance and highest security of your website. The migration is not so complicated as long as you go about it safely, in order to ensure that the update will not break any of your site’s elements.
Whenever one considers switching to a new version, the thing that comes to consideration is the compatibility. Keep note that PHP 7 isn’t backward compatible. The main thing to keep in mind is the fact that if you have not been diligent about the maintenance of your WordPress software, some of the scripts, plugins, or themes may not be compatible with specific versions of PHP that one wants to use. They also may not work in the way they are expected to. Additionally, a wrong PHP version may fully or partially break your site. Of course, it is possible that your plugin or theme code is completely old-version-dependent. Ultimately, we can always try the upgrade and downgrade if there’s an issue.
Step #1: Keep calm and always create backups before you upgrade
Most likely, when we update PHP, it’s all coming up roses. However, it can never be guaranteed that everything will go as our gameplan. In case a problem occurs, we want and need to have a backup and put the website back together. All this is a lot easier if you already have a clean and shiny backup of your site.
Backing up your website regularly is a thing we already do free of charge, along with our services. However, you’ll want to have a handy fresh backup of your site by your side, so that you can easily revert the changes in the event something goes even slightly wrong.
We would urge everybody to generate a backup manually before pulling the trigger and upgrading their live websites. You can take a look at our step by step guide about how to do it from your cPanel with us.
Next, you can proceed with the following step.
Step #2: Create a local staging copy of your website
It’s always the best idea to test the most recent PHP version in a staging or development environment rather than on your live site. This staging website will serve as a duplicate copy of your existing live website, placed in a subfolder of the main directory. Just bare in mind that once you create a staging site like that, it will automatically set that copy to be the same PHP version as your live site.
Then you would need to change the desired PHP version per directory. You can easily achieve this by setting custom rules for each folder.
You can then go ahead and run tests on the staging site to gauge the compatibility of your current themes and plugins and find out how it reacts. Be sure to check your error log for any errors. If nothing unusual happens, you can later proceed with the upgrade of your live site.
Step #3: Update Everything
Before we begin, we need to make sure that your plugins and everything else are up to date. By doing that, we would be checking for compatibility against the latest versions of everything, thus getting the best chances for success in our mission.
That way, one won’t have to go around additionally to fix things. Be sure to click on the button that says “Upgrade” wherever it’s necessary.
- Update WordPress itself
- Update your Theme
- Update All Plugins
Step #4: Check for Compatibility
Now comes the part where you check for errors on your end. The things you are looking for and what you might be able to find can vary extensively. It all depends on the unique setup that you have. However, here’s our recommendation for the order in which you perform the test:
- Make your way through each page on the site and look for elements have stopped working all of a sudden.
- Check every plugin one by one and see to see if they behave as they should.
- Test the features your active themes include. Make sure that everything is still working properly.
- Also, go ahead to the
wp-config.phpfile – set the variable
true. It would display all errors and warnings.
Step #5: Upgrade Your Live Site
Once you complete the testing phase, follow the steps to proceed with the upgrade.
Which version should I update to?
We can’t stress hard enough how highly recommended it is that you upgrade to the latest PHP version if your site’s software can do so without issues. The latest version is to be supported the longest and it’s also the one that has the most fixes which improve the overall performance of a website.