Ah, PHP upgrades. Is any aspect of owning a website more thrilling than the relentless badgering of tech-heads to keep all of your software up to date?
Not sure what PHP is? Long story short, PHP is a programming language silently working behind the scenes of roughly 80% of websites. Of this 80%, more than half are still running the outdated and unsupported PHP 5.
At JBi, we’re well aware of how difficult it can be to gain a full understanding of the complexities of software upgrades, and how frustrating it is to be uncertain of whether or not upgrading to the latest available version is the right decision.
But never fear – when it comes to your decision about whether or not to upgrade to the latest version of PHP (7.2), we’re here to help.
Doesn’t it feel like there’s always a disclaimer? Well, this article is no exception! In terms of PHP upgrades, each case should be handled individually – the below advice is given for information purposes only and should be read as a set of guidelines rather than instructions.
Introduction
This article will highlight the main factors that you should take into account when deciding whether or not to upgrade your PHP version.
In the interests of simplicity and easy reading, we will assume that you are the owner of a website built with PHP 5.6, 7.0 or 7.1, using a mainstream framework (Laravel, Symfony, Zend, CodeIgniter, CakePHP, etc.) or PHP CMS (Drupal, WordPress, etc.). If you don’t know what your current PHP version is, you should speak to your tech team, who will be able to fill you in.
Based on this assumption, we will give you some ideas on how best to move forward.
Reasons To Upgrade: #1 - Security Risks
Security should be your chief concern when considering your website. It is of paramount importance that your site is running on software that protects not only your data but also your reputation.
This is especially true if you are currently running on PHP 5.6 (or lower), which is set to reach its end of life (EOL) on the 31st December 2018. This effectively means that the PHP Development Team will no longer provide official security updates for your site.
“This is a huge problem for the PHP ecosystem,” Scott Arciszewski, Chief Development Officer at Paragon Initiative Enterprise, told ZDNet in October. “While many feel that they can ‘get away with’ running PHP 5 in 2019, the simplest way to describe this choice would be negligent.”
While every situation should be assessed individually and this is clearly a generalisation, it is also clear that there are significant security risks to consider when deciding whether or not to remain on an outdated PHP version.
As Arciszewski went on to describe, in the event of a major, mass-exploitable PHP flaw, “PHP 7.2 will get a patch from the PHP team, for free, in a timely manner”, whereas “PHP 5.6 will only get one if the website owner is paying for ongoing support from their OS vendor”. This means that you will need external “dev teams” to come to your rescue.
Furthermore, if you are running a PHP version prior to 5.6, your situation is more precarious. Even the most recent pre-5.6 Release (5.5) lost official security support in July 2016!
So, while it is possible that you will still be able to run your site using PHP 5.6, it is not recommended.
It is also worth noting that, if you are using a popular PHP-based CMS, the latest versions might not offer support for PHP 5.6 and earlier. For example, Drupal 8 will drop support for PHP 5.5 and 5.6 on March 6, 2019 and Laravel versions 5.3 upwards won’t be supported with PHP 5.6.
Reasons To Upgrade: #2 - PHP 7.2 Benefits
PHP7 brought with it a host of exciting new features for developers. PHP 7.2 has built on these features, giving developers the tools to further maximise your site’s potential.
Yes, a language can have its own features – it’s more than just the final product you build with it! These features are mostly technical – designed to be used by your developers – which will help with the efficiency and speed of implementing changes on your site.
PHP 7 has had its engine significantly revamped (it has even been given a new name – PHP-NG or Next Generation) and has seen measurable advancements in comparison to PHP 5. This is something that manifests itself in increased page load speeds. Although these are invisible to the naked eye, Google advocates fast-loading pages as a part of its SEO criteria.
In addition, PHP 7.2…
– Has significantly increased stability (i.e. minimised downtime)
– Provides web applications with the capability to reply faster to queries (i.e. improved performance)
– Has improved security and therefore better defence against certain cyber attacks
The above are just some ways that upgrading to the latest PHP version is likely to improve your site’s effectiveness and enhance the user experience. Of course, there are many other improvements to consider with PHP 7, but we wanted to highlight these key areas.
Developers love using the latest software and features, which save them time while simultaneously improving readability and maintainability of code, and therefore enable them to deliver better quality products.
Which version of PHP should you upgrade to?
If you’ve reached this point and decided that you would be best served upgrading your PHP version, then it’s vital that you figure out which version you want to upgrade to.
If you use a mainstream CMS platform like WordPress or Drupal, the first thing to do will be to ensure that you have upgraded your website to its latest version – which we always advocate regardless!
Make sure that you speak to your tech team or agency and ask them to explain the effects of an upgrade to 7.1 or 7.2. Generally, upgrading to PHP 7.0 will not be worth it as this version will cease to be supported at the end of 2018, whilst PHP 7.1 will be supported until the end of 2019 at the least.
Your best choice will almost certainly be to upgrade to PHP 7.2, which will be receiving updates up until the 30th November 2020. It’s highly likely that this will also be the most cost-effective decision.
If you have a bespoke website rather than an open-source CMS, your case is likely to be unique and will need to be carefully assessed by your technical team or digital agency before you make a decision.
Next Steps
We can guess what your next questions are going to be: Will it be cost-efficient to upgrade and how complicated is the upgrade process?
This will all depend on a number of factors, including the complexity of your website; what framework you are currently using; your site’s CMS and the type of third-party plug-ins and integrations you have.
Effectively, your development team will need to ensure that their first port of call is to review the tech-stack you have in order to ensure that your site is compatible with your desired update. For example, your site might have certain plugins or modules that are not compatible with PHP 7.2; these will need to be changed or updated before you run the PHP upgrade.
In the worst-case scenario, you will have a website that hasn’t been maintained for a long period and is in need of major application and server updates before you perform the PHP upgrade.
In the best-case scenario, your website will have been fully supported and patched with all the latest security updates and so the upgrade should be simpler to perform.
Ultimately, if you have decided to upgrade to a new PHP version, the best approach will undoubtedly be to start a conversation with your tech team or digital agency and ask them to put together a quote.
Should You Upgrade Now?
Ultimately, the crux of the matter is that you will need to upgrade at some point. The decision to be made is whether you wish to invest now or push the decision a little further down the road.
If you go for the latter, you will need to keep two key points in mind:
- If your Vendor isn’t supporting or patching PHP 5.6 anymore, then you are open to both technical and reputational costs should a security breach occur.
- As time goes by, less and less experienced developers will be willing to work on your application, either because they don’t want to work with dated technologies or simply because there are not enough experts in the market able to work on your version of PHP
Make sure you keep all of the above in mind when you are making your decision – and consult with your digital agency!
If you have any questions about updating your PHP version, or a project that you’d like to work with us on, feel free to get in touch by emailing us at hello@jbidigital.co.uk.
