If you are still using PHP 5.6 or 7.0, you need to upgrade


Last October I made Upgrade your PHP, a site to let people know that PHP 5.6 and PHP 7.0 were about to reach their End of Life, and would no longer be officially supported.

In the time since, I’ve been helping people upgrade their servers to recent, supported versions. Not only are people sitting happy knowing they’re running a recent version of PHP but they’re also seeing drastic performance improvements from it.

Let me just reiterate why you need to upgrade:

1. Security

Ok, PHP doesn’t have a great track record in terms of security vulnerabilities.

But sure, most languages don’t. And you can just upgrade right? Well that’s true, but now these versions of PHP aren’t officially supported. There may be some unofficial community forks but they could just end at any moment. You’re much better off being on the latest version.

All it takes is a 0-day vulnerability on an unsupported version of PHP and hundreds of thousands of sites are at risk (including yours). A security vulnerability can mean your entire service or website gets hacked, leading to a lack of trust from your users.

2. Performance

Upgrading your PHP version can be one of the easiest ways to get free performance (especially when coming from 5.x). I’ve seen sites with a 1 second time-to-first-byte (TTFB) drop to ~200ms (the yellow line).

Why? PHP 7.x ships with Zend Engine 3.0, offering much greater performance.

It can also have a dramatic effect on CPU usage. The image below is the CPU graph after I upgraded a server from 5.6 to 7.2. The client was able to reduce their server package and save money on hosting.

The client below was running WordPress on PHP 5.6. Their CPU usage was out of control, frequently spiking up to 240%, with no discernable change in traffic or conditions. After upgrading to 7.2 at the Week 9 point, it now sits at aronud 40% with no spikes.

3. Maintainability

Upgrading now means the hard part is over with. The incremental changes between the minor versions of 7.x are much easier to keep on top of (and are mostly things you’re unlikely to have done).

The PHP website does contain a guide for things to look out for when upgrading from 5.6 to 7.0.x but there are many tools which will allow you to automatically scan your code.

How do I switch?

Well the short answer is you need to install the latest version of PHP and switch your server over to using that. There are dozens of operating systems and web server combinations here so it can be a little difficult to give a simple guide, but Google should be able to help.

If your website is running code incompatible with 7.x, that will need to be upgraded too but WordPress and PHP frameworks can make this very straightforward.

If you would like someone experienced to do it for you, please get in contact!