PHP 5.6 and 7.0, the 57.1% basic scripting language for all WordPress sites, will stop receiving security updates in December 2018. After this date, security patches will not be released for these versions of PHP, making these sites less secure.
This may mean that WordPress sites that still use older versions of PHP in the event of a vulnerability can cause traffic loss and ranking nightmares.
This figure shows the percentage of sites using PHP 5.6 and 7.0. Some people worry that more than one-third of WordPress sites use 5.6.What is it?
PHP is a scripting language that supports creating websites. There are different versions. Each version represents an improvement over the previous version. As each version is created, software such as WordPress is updated to take advantage of the latest performance improvements.
When does the security update end? The security update for PHP 5.6 will end on December 31, 2018. Security updates and patches for PHP 7.0 will end on December 3, 2018. This table shows when PHP 5.6 and 7.0 no longer receive security updates. How many WordPress sites are at risk?
According to official statistics released by WordPress & rsquo;, 57.1% of WordPress sites run these outdated PHP versions.
Why is security support over?
Each version of the security support program lasts for a limited number of years until the so-called End of Life (EOL) is reached. At this point, even if a vulnerability is discovered, no security improvements will be created for it.
According to the official PHP website, this is what EOL means:
“ The version is no longer supported. Users of this version should upgrade as soon as possible as they may encounter unpatched security vulnerabilities. ”
All sites need to be upgraded to the latest version, otherwise they may be affected by hacking.
What if you can’t update PHP?
All sites that fail to upgrade to the latest version of PHP will be insecure and will be vulnerable to hacking once versions 5.6 and 7.0 enter their lifecycle (EOL). This means that even if a security hole is discovered, no one will fix the vulnerability in the PHP version.
Also, many plugins, themes and WordPress itself will eventually stop using these versions of PHP.
If you run a WordPress site, the most cautious action is to upgrade to the latest version of PHP.
How do I identify which version of PHP I am using?
The easiest way is to log in to your host control panel and find a link that focuses on the part of PHP. There are some online tools that can tell you, but it’s best to log in directly to your control panel and check it yourself.
There are also plugins that tell you which version you are using. For example, the WordPress phpinfo() plugin is an easy-to-use plugin that tells you which version of PHP the WordPress site uses. Once you know which version of PHP you are running, you can remove the plugin.
Alternatively, you can call your hosting provider’s support and ask for help to determine which version of your site is used and how to upgrade it.
How to upgrade PHP from 5.6/7.0 to the latest version
Step 1 & ndash; Backing up your website Back up your WordPress site is very important. The easiest way is to use the UpDraftPlus plugin.
Step 2 & ndash; Check for plugin compatibility to ensure that all plugins have been updated to the latest version. In addition, updates should occur in the past few months, no more than a year.
If the plugin hasn’t been updated for a long time, please visit the plugin’s author page to verify that the plugin is compatible with the latest version of PHP (PHP 7.2).
If the plugin is not compatible, switch to the most commonly used and recently updated plugin that does the same thing. You really shouldn’t run any plugins that are compatible with the latest version. Poorly maintained plugins can present a security risk.
Step 3 & ndash; Upgrade the PHP version Log in to your web host control panel, find the PHP section and upgrade the PHP version of your website. If this is difficult, please contact your web hosting support for assistance.
Put security as part of your SEO process
Security issues are usually not part of SEO. SEO focuses on improvements that contribute to rankings.
However, once a website is hacked and search traffic disappears, security quickly becomes a nightmare for search engine optimization. So why wait until your site is hacked to increase the security of your SEO toolkit? Increase security for your SEO routines and avoid the risk of traffic loss. Search engine optimization is just as important as maintaining traffic.
Read the PHP support details on the official PHP page https://secure.php.net/supported-versions.php
More resources to move WordPress sites from HTTP to HTTPS: a complete guide to HTTP to HTTPS migration: The ultimate stress-free guide study shows that network security directly affects SEO