Latest reports show 60% of all websites may potentially become vulnerable after December 31, 2018

PHP 5.6 runs on about 60% of the worlds web servers and support is ending on December 31, 2018 (End Of Life). That means new PHP 5 vulnerabilities may not be patched and could possibly leave hundreds of thousands of websites vulnerable. Time will tell what kind of wide reach this issue will have regarding security and website compromises. You can see these web server statistics on w3techs.com <https://w3techs.com/technologies/details/pl-php/5/all>.

The first thing you should do is contact your IT person or your website hosting company and verify what version of PHP your web server is running. If you are still running PHP 5 of any version then you need to upgrade to PHP 7.1.

 

 

Upgrading is not so simple sometimes
Upgrading your web server language can be a little tricky. Your upgrade issues won’t usually arise from upgrading PHP 5.6 to PHP 7.1. The problems normally arise when you start determining if your WordPress, Joomla, Drupal or other PHP based CMS (content management system) plugins will still function after the upgrade.

You may already have the latest version of WordPress installed and this should work fine with PHP 7.1 for the most part. However, you will need to test and verify. Major upgrades like this are always a pain because of the testing that needs to happen. Even after extensive testing, things can be missed. Be prepared to react to those additional details as quickly as possible after upgrading. Meaning, don’t upgrade and expect everything to be perfectly smooth. Sometimes you get lucky and there are no issues and sometimes your luck is not so good.

On a good note, this DOES NOT mean that every website running PHP 5.6 will become vulnerable January 1, 2019 – Happy New Year – LOL. What it does mean is that if a new vulnerability is found in PHP, your old version of PHP may not get the security fix and could be open to attacks.

It’s not too late. Take action. Contact your IT or Web Developer and have them verify you are safe.